15 matches found
PT-2025-46529
Name of the Vulnerable Software and Affected Versions: Lite XL versions 2.1.8 and prior Description: Lite XL is a lightweight, cross-platform text editor written in Lua and C, designed for extensibility via plugins and project-specific modules. The application executes project-level Lua modules and...
EUVD-2019-2122
Malware in sbrugna...
EUVD-2024-54519
Malicious code in bioql PyPI...
CVE-2023-0202
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...
CVE-2024-11679
An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...
CVE-2024-11679
CVE-2024-11679 describes an input validation weakness in the TpmSetup module for some legacy System x server products. The underlying vulnerability could allow a local attacker with elevated privileges to read the contents of memory, effectively exposing sensitive memory data. The available docum...
Product Walkthrough: Silverfort's Unified Identity Protection Platform
In this article, we will provide a brief overview of Silverfort's platform, the first and currently only unified identity protection platform on the market. Silverfort's patented technology aims to protect organizations from identity-based attacks by integrating with existing identity and access...
What Are Shadow IDs, and How Are They Crucial in 2022?
Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing regulation using, well, Shado...
PT-2021-19786 · Ericsson · Ericsson Network Manager +1
Name of the Vulnerable Software and Affected Versions: OSS-RC versions 18B and older Description: The issue affects OSS-RC systems during data migration procedures, where files containing usernames and passwords are left undeleted in folders accessible by top privileged accounts only. This issue...
CVE-2020-8340
A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could allow JavaScript code t...
XSS Vulnerability in Legacy System x IMM2 - Lenovo Support US
Lenovo Security Advisory: LEN-44717 Potential Impact: Code execution Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8340 Summary Description: A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module...
XSS Vulnerability in Legacy System x IMM2 - Lenovo Support US
No description provided...
8x8: PHPinfo page on http://█████.callstats.io
A PHPInfo file was exposed on a legacy system. phpinfo was available at a callstats.io subdomain. It was disclosing information on a server and PHP version information...
“We Need COBOL Programmers!” No, You Probably Don’t
Editor's note: While this topic isn't entirely security-specific, Trend Micro leader William Malik has career expertise on the trending topic and shared his perspective. ---- There was a provocative report recently that the Governor of New Jersey told reporters that the state of New Jersey neede...
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150305)
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. (CVE-2014-8106) An uninitialized data structure use flaw was fou...