48 matches found
ROS-20251031-03
A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating a class over the OpenWire protoco...
CVE-2025-42976
SAP NetWeaver Application Server ABAP BIC Document allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can...
CVE-2025-42976 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document)
SAP NetWeaver Application Server ABAP BIC Document allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can...
Important: Red Hat Security Advisory: redis:7 security update
An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: redis:7 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Important: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
IBM Cloud Pak System Security Vulnerability
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines (IBM). The product supports deploying, managing, and moving application environments across hybrid clouds. A security vulnerability exists in IBM Cloud Pak...
RHEL 8 : redis:6 (RHSA-2025:0640)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0640 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...
Important: Red Hat Security Advisory: redis security update
An update for redis is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
The vulnerability of Veeam Backup & Replication’s protection mechanism for cloud, virtual, and physical systems lies in its ability to allow unauthorized access to read, modify, or delete data stored in memory. This vulnerability enables attackers to gain unauthorized access to these data.
The vulnerability of Veeam Backup & Replication’s protection for cloud, virtual, and physical systems stems from the restoration of unreliable data in memory due to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker operating remotel...
The vulnerability of the ColdFusion software platform, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.
The vulnerability of the ColdFusion software platform lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malicious file...
The vulnerability of the Windows Telephony Server allows attackers to increase their privileges.
The vulnerability of the Windows Telephony Server for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
Important: Red Hat Security Advisory: GitOps 1.12.1 - Argo CD CLI and MicroShift GitOps security update
An update is now available for Red Hat OpenShift GitOps v1.12.1 for Argo CD CLI and MicroShift GitOps. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
CVE-2024-21652
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application's brute forc...
GHSA-X32M-MVFJ-52XV Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
Summary: An attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application's brute force login protection. This makes the application susceptible to brute force attacks, compromising the security of...
The vulnerability of the Apache InLong data integration platform, related to the recovery of unreliable data in memory, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Apache InLong data integration platform lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information by sending specially created data...
Important: Red Hat Enhancement Advisory: redis:7 update
An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set...
The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform allows an attacker to execute arbitrary code.
The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform relates to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Apache Arrow Deserialization Vulnerability
Apache Arrow is a cross-language development platform for in-memory data processing from the U.S. Apache Foundation. The platform supports programming languages such as C, C++, C#, Go and Java, and provides features such as inter-process communication. A deserialization vulnerability exists...