Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

CVE-2025-62161

creationtimestamp| type| source ---|---|--- 2025-11-06 01:35:42+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4wgealc2zj2 2025-11-06 03:46:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4wnpd2aiu2b...

CVE-2025-6533

creationtimestamp| type| source ---|---|--- 2025-06-24 00:46:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19276 2025-06-24 04:19:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsdalvamqs2i...

CVE-2025-25032

IBM Cognos Analytics is affected by a memory-resource exhaustion denial-of-service vulnerability (CVE-2025-25032) impacting versions 11.2.0 through 12.0.4. An authenticated user can trigger a crafted request that exhausts memory, potentially impacting availability. Affected products/versions incl...

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

SUSE-SU-2025:1408-1 Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122244 fixes one issue. The following security issue was fixed: - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431...

Debian: Security Advisory (DLA-4135-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Joomla! Authentication Bypass Vulnerability (20250402)

Joomla! is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery CI/CD workflow. The incident involved the tj-actions/changed-files...

Linux Distros Unpatched Vulnerability : CVE-2024-41075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added...

SUSE-SU-2025:0758-1 Security update for libxkbfile

This update for libxkbfile fixes the following issues: - CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText bsc1237429...

CVE-2022-49465

In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIOTHROTTLED when bio has been throttled 1.In current process, all bio will set the BIOTHROTTLED flag after blkthrotlbio. 2.If bio needs to be throttled, it will start the timer and stop submit bio directly. Bio...

SUSE-SU-2025:0636-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.8: - CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093...

CVE-2024-57055

creationtimestamp| type| source ---|---|--- 2025-02-18 19:16:08+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lihxwlgrss23 2025-02-18 20:59:42+00:00| seen| https://t.me/cvedetector/18344 2025-02-18 21:56:18+00:00| seen|...

CVE-2025-25354

creationtimestamp| type| source ---|---|--- 2025-02-13 16:17:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li33lzywbx2a 2025-02-13 17:14:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4285 2025-02-13 18:50:42+00:00| seen|...

CVE-2024-56947

An issue in Xiamen Meitu Technology Co., Ltd. BeautyCam iOS v12.3.60 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2025-22907

RE11S v1.11 contains a stack overflow in the formWlSiteSurvey function triggered by the selSSID parameter. CVSS v3.1 base score 9.8 (CRITICAL) with NETWORK attack vector, no user interaction. An advisory indicates a PoC exists and potential automation. A remediation path from PT-2025-4742 suggest...

CVE-2025-22779

creationtimestamp| type| source ---|---|--- 2025-01-15 16:17:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs63znpyb2t 2025-01-15 16:57:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lfsae7ptav2e 2025-01-15 17:38:19+00:00| seen|...

CVE-2024-13041

Removed by vendor...

CVE-2024-21688

creationtimestamp| type| source ---|---|--- 2025-01-01 00:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lenbtn26b32f...