Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225

Summary IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Demonstration of the Log4jShell Exploit This code may contain...

dst-admin 安全漏洞

dst-admin is a web application developed by Qinming99 using the Java language. Versions of dst-admin prior to 1.5.0 contained security vulnerabilities. These vulnerabilities stemmed from incorrect operations on the deleteBackup function in the FileHandler component within the...

CVE-2009-4776

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...

EUVD-2009-4739

Malware in sbrugna...

EUVD-2007-3778

Malware in sbrugna...

EUVD-2005-2344

Malware in sbrugna...

EUVD-2019-1048

Malware in sbrugna...

EUVD-2008-6790

Malware in sbrugna...

EUVD-2006-4939

Malware in sbrugna...

EUVD-2018-14226

Malware in sbrugna...

EUVD-2019-1091

Malware in sbrugna...

EUVD-2022-48771

Malicious code in bioql PyPI...

EUVD-2023-32363

Malicious code in bioql PyPI...

EUVD-2023-46917

Malicious code in bioql PyPI...

EUVD-2022-5012

Malicious code in bioql PyPI...

CVE-2022-45927

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...

CVE-2020-6313

SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...

CVE-2019-5326

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...