Security Bulletin: IBM Sterling Connect:Direct for Unix is impacted by vulnerabilities due to IBM Java 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct for UNIX in product configuration and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct for UNIX has upgraded IBM Java 17 to address the issues. Vulnerabilit...

CVE-2025-13867

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

Linux Distros Unpatched Vulnerability : CVE-2025-2668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticat...

PT-2026-5458

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may allow a local user to...

CVE-2025-36065 Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX.

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

CVE-2025-11021 affecting package libsoup for versions less than 3.0.4-10

CVE-2025-11021 affecting package libsoup for versions less than 3.0.4-10. A patched version of the package is available...

EUVD-2007-4122

Malware in sbrugna...

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to Uncontrolled Resource Consumption due to Eclipse Jetty.

Summary Eclipse Jetty is used by IBM Sterling Connect:Direct for UNIX in upgrade management. IBM Sterling Connect:Direct for UNIX is impacted by vulnerability in Eclipse Jetty. Vulnerability Details CVEID:CVE-2025-1948 DESCRIPTION: In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2...

How to Configure Windows 2003 Network File Share as Authenticated Storage Repository for XenServer

This document describes how to configure Windows Server 2003 Release 2 Server Network File Share NFS as an authenticated storage repository for XenServer. The NFS component is only included in Windows Server 2003 Release 2. If you do not have this edition, you can achieve the same results by...

SUSE CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to remote code execution due to Apache Commons Text [CVE-2022-42889]

Summary IBM Sterling Connect:Direct for UNIX components Install Agent and File Agent are vulnerable to remote code execution due to Apache Commons Text CVE-2022-42889. Apache Commons Text has been upgraded to version 1.10.0 in IBM Sterling Connect:Direct for UNIX Install Agent and File Agent...

Security Bulletin: IBM Sterling Connect:Direct for UNIX Container is vulnerable to execute arbitrary commands due to OpenSSL (CVE-2022-1292)

Summary There is a vulnerability in the OpenSSL library used by IBM Sterling Connect:Direct for UNIX Container. IBM Sterling Connect:Direct for UNIX Container has addressed the applicable issue by upgrading OpenSSL to 1.1.1k. Vulnerability Details CVEID:CVE-2022-1292 DESCRIPTION: OpenSSL could...

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

CVE-2022-30788

A crafted NTFS image can cause a heap-based buffer overflow in ntfsmftrecalloc in NTFS-3G through 2021.8.22...

Security Bulletin: December 2015 OpenSSL Vulnerabilities in Multiple N series Products

Summary Multiple N series products incorporate the OpenSSL software libraries to provide cryptographic capabilities. OpenSSL versions below 1.0.2e, 1.0.1q, 1.0.0t, and 0.9.8zh are susceptible to vulnerabilities that could lead to a denial of service attack or information disclosure. Multiple N...

[SECURITY] Fedora 34 Update: python-urllib3-1.25.10-5.fc34

Python HTTP module with connection pooling and file POST abilities...

Security Bulletin: Authentication mechanism vulnerability affects IBM Connect:Direct for UNIX (CVE-2020-4747)

Summary IBM Connect:Direct for UNIX can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. Vulnerability Details CVEID: CVE-2020-4747 DESCRIPTION: IBM Connect:Direct for UNIX can allow a local or remote user to obtain an authenticated CLI...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for Unix

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allow a...

Security Bulletin: Vulnerability in RC4 stream cipher affects Connect:Express for UNIX (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Connect:Express for UNIX Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

Security Bulletin: Vulnerabilities in OpenSSL affect Sterling Connect:Express for UNIX (CVE-2016-7055, CVE-2017-3731 and CVE-2017-3732)

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-7055 DESCRIPTION: OpenSSL is vulnerab...