366 matches found
IBM Operations Analytics-Log Analysis 安全漏洞
IBM Operations Analytics-Log Analysis is a suite of semi-structured data analysis solutions from International Business Machines IBM. The product is primarily used for application log analysis and problem diagnosis, among other things. A security vulnerability exists in IBM Operations Analytics-L...
Security Bulletin: Host Header Injection Vulnerability in IBM Operations Analytics - Log Analysis (CVE-2024-40686)
Summary Host header vulnerability in IBM Operations Analytics - Log Analysis allows remote attackers to execute scripts within the application context via remote file inclusion. This has been addressed. Vulnerability Details CVEID:CVE-2024-40686 DESCRIPTION: IBM SmartCloud Analytics - Log Analysi...
Security Bulletin: A Function Level Control vulnerability in IBM Operations Analytics - Log Analysis (CVE-2024-41751)
Summary A privilege escalation vulnerability exists in IBM Operations Analytics - Log Analysis. It allows low-privilege users to change the password of high-privilege accounts through intercepting the request. This has been addressed. Vulnerability Details CVEID:CVE-2024-41751 DESCRIPTION: IBM...
Vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway
Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. The vulnerability with reference CVE-2025-5777 involves an Out-of-Bounds Read. This vulnerability arises from insufficient input validation in systems configured as Gateway services. These include VPN virtual servers, ICA...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
CVE-2025-5777-CitrixBleed CitrixBleed-2 CVE-2025-5777 – proo...
Trustworthy Artificial Intelligence for Cyber Threat Analysis
Artificial Intelligence brings innovations into the society. However, bias and unethical exist in many algorithms that make the applications less trustworthy. Threats hunting algorithms based on machine learning have shown great advantage over classical methods. Reinforcement learning models are...
NetScaler-13.1-EPA scan failed with "Error while parsing client security configuration"
EPA scan failed with "Error while parsing client security configuration" in EPA log. ---------------------------- 2025-02-19 09:03:50.706 | 21708 | DEBUG | D | PRE AUTH EPA | token: |^M 2025-02-19 09:03:50.706 | 21708 | DEBUG | D | PRE AUTH EPA | Policy MACADDRanyofF8BXXXXXX28A returned 2004 |^M...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2025-23184, CVE-2025-25193)
Summary Vulnerabilities in the Apache CXF and Netty libraries affect IBM WebSphere Application Server Liberty, which is shipped in IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of...
CVE-2022-4336
In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature...
CVE-2020-8446
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to path traversal with write access via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user...
CVE-2020-8442
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...
CVE-2020-8447
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...
CVE-2020-8444
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of ossec-alert formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...
CVE-2020-8443
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...
CVE-2025-23145
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)
Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...
Security Bulletin: Denial of Service in Apache Commons Compress used by Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2024-25710, CVE-2024-26308)
Summary There is a potential denial of service in Apache Commons Compress that is used by Apache Solr and IBM Operations Analytics - Log Analysis. This is caused by loop with unreachable exit condition and allocation of resources without limits. Vulnerability Details CVEID:CVE-2024-25710...
Security Bulletin: Vulnerability in Apache Solr (lucene), Apache ZooKeeper and Logstash affect IBM Operations Analytics - Log Analysis (CVE-2024-9823, CVE-2024-47554)
Summary There is a potential denial of service with Apache Commons IO, Eclipse Jetty that affect Apache Solr lucene, Apache ZooKeeper and Logstash used by IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-9823 DESCRIPTION: There exists a security vulnerability in Jetty'...
Security Bulletin: Multiple vulnerabilities in Apache Solr (lucene) affects IBM Operations Analytics - Log Analysis (CVE-2023-50386, CVE-2023-50298, CVE-2023-50292, CVE-2023-50291)
Summary There are vulnerabilities in backup/restore APIs, Solr streaming expressions, and Apache Solr schema designer that affect Apache Solr used by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2023-50386 DESCRIPTION: Improper Control of Dynamically-Managed Code...
Linux Distros Unpatched Vulnerability : CVE-2023-52761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: VMAPSTACK overflow detection thread-safe commit 31da94c25aea riscv: add VMAPSTACK overflow detection added support for CONFIGVMAPSTACK. If overflow is...