120 matches found

RedhatCVE
added 2025/05/23 4:42 a.m. | 5 views

CVE-2023-48682

Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391...

6.1 CVSS | 5.7 AI score | 0.00334 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 4:41 a.m. | 6 views

CVE-2023-48678

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391...

5.5 CVSS | 6.5 AI score | 0.00157 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 4:27 a.m. | 6 views

CVE-2023-44161

Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979...

6.5 CVSS | 6.6 AI score | 0.00239 EPSS
Exploits: 0

RedhatCVE
added 2025/05/22 7:28 p.m. | 2 views

CVE-2021-26829

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via systemsettings.shtm...

5.4 CVSS | 5.7 AI score | 0.4805 EPSS
Exploits: 1 | References: 1

Cvelist
added 2025/04/15 3:6 p.m. | 13 views

CVE-2025-2830 Information Disclosure of /tmp directory listing

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

0.00295 EPSS
Exploits: 0 | References: 3

Cvelist
added 2025/02/25 8:3 p.m. | 27 views

CVE-2025-27142 LocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commands

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...

8.7 CVSS | 0.00514 EPSS
Exploits: 0 | References: 2

IBM Security Bulletins
added 2024/12/13 4:32 p.m. | 23 views

Security Bulletin: Loss of confidentiality in IBM WebSphere Application Server Liberty may affect IBM Storage Protect Operations Center (CVE-2023-50314).

Summary: IBM Storage Protect Operations Center may be affected by loss of confidentiality caused by using a certificate issued by a trusted authority in IBM WebSphere Application Server Liberty. Vulnerability Details: CVEID: CVE-2023-50314. DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3...

7.5 CVSS | 5.6 AI score | 0.00257 EPSS
Exploits: 0 | Affected Software: 1

Cvelist
added 2024/08/29 11:2 p.m. | 17 views

CVE-2024-1545 Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows a remote attacker who co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

5.9 CVSS | 0.00548 EPSS
Exploits: 0 | References: 2

IBM Security Bulletins
added 2024/07/01 5:56 a.m. | 21 views

Security Bulletin: IBM Storage Protect Server may be vulnerable to machine-in-the-middle attack due to Golang Go (CVE-2023-48795)

Summary: Golang Go is used by the IBM Storage Protect Server OSSM component. Golang Go is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport protocol when used with certain OpenSSH extensions. Vulnerability Details...

5.9 CVSS | 6.6 AI score | 0.93305 EPSS
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2024/07/01 5:51 a.m. | 30 views

Security Bulletin: IBM Storage Protect Server is susceptible to numerous vulnerabilities due to Golang Go

Summary: Golang Go is used by the IBM Storage Protect Server OSSM component. Golang Go is vulnerable to execution of arbitrary code caused by improper enforcement of line directive restrictions, and denial of service caused by an uncontrolled resource consumption flaw in the net/http and x/net/htt...

8.1 CVSS | 8.4 AI score | 0.03796 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2024/06/13 10:15 p.m. | 2 views

CVE-2024-0095

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of...

7.2 CVSS | 6 AI score
Exploits: 0 | References: 1

OSV
added 2024/03/13 10:15 p.m. | 3 views

CVE-2020-11862

Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding. This issue affects NetIQ Privileged Account Manager: before 3.7.0.2...

7.5 CVSS | 5.5 AI score | 0.007 EPSS
Exploits: 0 | References: 1

OSV
added 2024/02/27 5:15 p.m. | 1 views

CVE-2023-48681

Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391...

6.1 CVSS | 5.7 AI score | 0.003 EPSS
Exploits: 0 | References: 1

OSV
added 2024/02/27 5:15 p.m. | 2 views

CVE-2023-48678

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391...

5.5 CVSS | 5.8 AI score | 0.00157 EPSS
Exploits: 0 | References: 1

Talos
added 2024/01/08 12:0 a.m. | 28 views

GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1790: GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability. January 8, 2024. CVE Number: CVE-2023-35992. Summary: An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115,...

7.8 CVSS | 7.7 AI score | 0.0038 EPSS
Exploits: 1

OSV
added 2023/09/27 3:19 p.m. | 3 views

CVE-2023-44155

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979...

7.5 CVSS | 5.8 AI score | 0.00688 EPSS
Exploits: 0 | References: 1

OSV
added 2023/09/27 3:19 p.m. | 3 views

CVE-2023-44154

Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979...

8.1 CVSS | 5.8 AI score | 0.00617 EPSS
Exploits: 0 | References: 1

CNNVD
added 2023/07/10 12:0 a.m. | 2 views

IBM DB2 Security Vulnerability

IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to caus...

7.5 CVSS | 6.6 AI score | 0.01115 EPSS
Exploits: 0 | References: 5

IBM Security Bulletins
added 2023/06/20 4:4 p.m. | 35 views

Security Bulletin: IBM Storage Protect server is vulnerable to a denial of service attack due to Golang Go (CVE-2022-41723)

Summary: IBM Storage Protect Server component OSSM may be vulnerable in Golang Go, causing denial of service. Vulnerability Details: CVEID: CVE-2022-41723. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream, ...

7.5 CVSS | 7.5 AI score | 0.04561 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2023/04/28 6:15 p.m. | 2 views

CVE-2023-25930

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862...

5.9 CVSS | 6.8 AI score
Exploits: 0 | References: 3