42 matches found
CVE-2026-11420
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
CVE-2026-11420
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
CVE-2026-11420
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. The issue can potentiall...
CVE-2026-11420
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
EUVD-2026-34914
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
CVE-2026-11420 Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
CVE-2026-11420 Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
PT-2026-47044
Name of the Vulnerable Software and Affected Versions Altium Enterprise Server affected versions not specified Description Two path traversal issues in the Network Installation Service NIS allow an unauthenticated network attacker to read package archive files and write arbitrary files to any...
Altium Enterprise Server 安全漏洞
Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in the Altium Enterprise Server Network Installation Service. This vulnerability stems from path traversal, allowing unauthenticated network...
Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2025-36251, CVE-2025-36250), insufficiently protected credentials (CVE-2025-36096), and path traversal (CVE-2025-36236)
Summary Vulnerabilities in AIX could allow a remote attacker to execute arbitrary commands CVE-2025-36251, CVE-2025-36250, obtain Network Installation Manager NIM private keys CVE-2025-36096, or traverse directories CVE-2025-36236. These vulnerabilities are addressed through the fixes referenced ...
EUVD-2025-180540
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
EUVD-2025-180539
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36236
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
CVE-2025-36250
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36236 AIX Path Traversal
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
CVE-2025-36250 AIX Code Execution
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in...
CVE-2025-36096
CVE-2025-36096 concerns IBM AIX (versions 7.2/7.3) and IBM VIOS (3.1/4.1) where NIM private keys are stored insecurely in NIM environments, enabling unauthorized access via man-in-the-middle techniques. IBM’s Security Bulletin confirms this in conjunction with related CVEs (CVE-2025-36251, CVE-20...
CVE-2025-36096 AIX Insufficiently Protected Credentials
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
CVE-2025-36096 AIX Insufficiently Protected Credentials
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...
IBM AIX和IBM VIOS 安全漏洞
IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature set.IBM AIX is an open standards-based UNIX...