23 matches found
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an issue in Bouncy Castle
Summary There is a vulnerability in Bouncy Castle used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2026-5588. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky...
CVE-2025-60021
Apache bRPC CVE-2025-60021 is a remote command injection in the heap profiler built-in service (/pprof/heap) affecting all versions
EUVD-2023-2077
Malicious code in bioql PyPI...
EUVD-2022-0421
Malicious code in bioql PyPI...
Security Bulletin: There is a vulnerability in WebSphere Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-47535)
Summary There is a vulnerability in WebSphere Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high...
CVE-2025-30067
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Kylin. If an attacker gets access to Kylin's system or project admin permission, the JDBC connection configuration may be altered to execute arbitrary code from the remote. You are fine as long as the Kylin's system an...
CVE-2024-35198
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe's check on allowed_urls configuration can be by-passed if the URL contains characters such as ".." but it does not prevent the model from being downloaded into the model store. Once a fi...
Security Bulletin: Multiple Java DOS vulnerabilities detected
Summary Java vulnerability allows unauthenticated attacker with network access via multiple protocols Vulnerability Details CVEID: CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service...
PT-2022-33883 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.17 through 5.15.60 Description: The issue is related to a potential information leak in the wil_write_file_wmi function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-33367 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v5.19.3 Description: The issue is related to a use-after-free error on the amdgpu_bo_list mutex. It was introduced in version v5.19 and fixed in version v5.19.4. The actual impact and attack plausibility ha...
Security Bulletin: A vulnerability in IBM® SDK, Java™ affects Rational Asset Analyzer (CVE-2021-35603)
Summary There is a vulnerability in IBM® Java™ version 8 used by Rational Asset Analyzer. This has been addressed. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain...
[ASA-202012-24] openssl: denial of service
Arch Linux Security Advisory ASA-202012-24 Severity: High Date: 2020-12-16 CVE-ID: CVE-2020-1971 Package: openssl Type: denial of service Remote: Yes Link: https://security.archlinux.org/AVG-1335 Summary: The package openssl before version...
Security Bulletin: A cross-site request forgery (CSRF) vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4773)
Summary A cross-site request forgery (CSRF) vulnerability may impact IBM Cúram Social Program Management, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. This applies to a single server class only, with no impact to...
[SECURITY] [DLA 2011-1] xmlrpc-epi security update
Package: xmlrpc-epi Version: 0.54.2-1.1+deb8u1 CVE ID: CVE-2016-6296 An issue in xmlrpc-epi, an XML-RPC request serialisation/deserialisation library, has been found. An integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi could be used for a heap based...
Security Bulletin: Vulnerabilities exist in Watson Explorer Analytical Components, Watson Explorer Annotation Administration Console, and Watson Content Analytics
Summary Security vulnerabilities have been identified in IBM Watson Explorer Analytical Components, Watson Explorer Foundational Components Annotation Administration Console, and IBM Watson Content Analytics. Vulnerability Details CVEID: CVE-2016-5986 DESCRIPTION: IBM WebSphere Application Server...
Debian: Security Advisory (DSA-3511-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 2087-1] New cabextract packages fix arbitrary code execution
Debian Security Advisory DSA-2087-1 http://www.debian.org/security/ Moritz Muehlenhoff August 04, 2010 http://www.debian.org/security/faq...
PHPMPS 0day-vulnerability warning-the black bar safety net
Author: Minghacker From: http://www.3est.com Blog: http://yxmhero1989.blog.163.com PHPMPS, master http://www.phpmps.com/ to download. v2.0 official version of GBK and v2.0 full version UTF8 There are serious security risks, hope you do not destroy, and calmly wait for the official fix upgrade...
[Backports-security-announce] Security Update for pdns
Gerfried Fuchs uploaded new packages for pdns which fixed the following security problem: CVE-2008-5277 Some PowerDNS Configurations can be forced to restart remotely through receiving a HINFO CH query. For the etch-backports distribution the problem has been fixed in version 2.9.21.2-1bpo40+1. F...
[SECURITY] [DSA 690-1] New bsmtpd packages fix arbitrary command execution
Debian Security Advisory DSA 690-1 http://www.debian.org/security/ Martin Schulze February 25th, 2005 http://www.debian.org/security/faq...