17 matches found
VMware Workstation 17.x, 25H2 < 25H2u1 Multiple Vulnerabilities (VMSA-2026-0002)
The version of VMware Workstation installed on the remote host is 17.x, 25H2.x prior to 25H2u1. It is, therefore, affected by multiple vulnerabilities. - VMWare Workstation and Fusion contain a logic flaw in the management of network packets. A malicious actor with administrative privileges on a...
CVE-2025-14483
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 could disclose sensitive host information to authenticated users in responses that could be used in further attacks against the system...
CVE-2025-14483
CVE-2025-14483 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway across multiple versions: 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is an information disclosure vulnerability where authenticated users can receive sensitive host information in...
PT-2026-25350
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, 6.2.1.0 through 6.2.1.1 1, and 6.2.2.0 could disclose sensitive host information to authenticated users in responses that could be used in further attacks against the system...
EUVD-2026-9043
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...
CVE-2026-22716
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes...
CVE-2026-22717
CVE-2026-22717 is an out-of-bounds read vulnerability in VMware Workstation
Improper Input Validation
github.com/opencontainers/runc is vulnerable to improper input validation. The vulnerability is due to insufficient verification of the bind-mount source /dev/null, which allows an attacker to exploit it via arbitrary mount manipulation, leading to host information disclosure, denial of service,...
AZL-70592 CVE-2025-31133 affecting package kubernetes for versions less than 1.30.10-16
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...
CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...
CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...
CVE-2025-31133
CVE-2025-31133 (runc) affects the runc runtime when using certain bind-mount sources, where verification of the source inode for "/dev/null" could be bypassed. Affected versions include 1.2.7 and earlier, 1.3.0-rc.1 through 1.3.1, and 1.4.0-rc.1 and 1.4.0-rc.2. The issue enables an attacker to pe...
TIBCO Security Advisory: November 19, 2024 - TIBCO API Exchange Gateway - CVE-2024-10514
TIBCO APIX - XML External Entity XXE Injection Vulnerability Original release date: November 19, 2024 Last revised: --- CVE-2024-10514 Source: TIBCO Software Inc. Products Affected TIBCO API Exchange Gateway 2.4.0 and 2.5.0 Component Affected API Exchange Gateway Description The TIBCO API Exchang...
ZITADEL 安全漏洞
ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the age of containers and serverless, open sourced by ZITADEL in Switzerland. A security vulnerability exists in Zitadel that stems from the fact that Zitadel discloses internal database...
TIBCO Administrator - Enterprise Edition TIBCO Administrator server component external entity injection vulnerability
TIBCO Administrator is an application for deploying TIBCO products from TIBCO Software, USA. The program supports deploying TIBCO products, managing users, monitoring hosts, etc. TIBCO Administrator-Enterprise Edition is its enterprise edition.TIBCO Administrator server is one of the management...
CVE-2018-5433
The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine...
openSUSE Security Update : libsnmp15 (libsnmp15-1922)
This update of net-snmp fixes the following bugs : - truncated walk of hrSWRunPath bnc565586 - crash when 64-bit counters wrap bnc523553 - unknown host names in snmp traps bnc514333 - sensitive host information disclosure bnc475532, CVE-2008-6123 %NASLMINLEVEL 70300 C Tenable Network Security, In...