25 matches found
CVE-2026-7254
IBM OPENBMC firmware FW1110.00–FW1110.11 is vulnerable to denial of service via the BMC HTTPS interface by unauthenticated network users. The IBM bulletin identifies the affected product as OPENBMC and specifies that the vulnerability stems from improper validation in the HTTPS service, with CVSS...
EUVD-2025-33894
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...
EUVD-2024-37502
Malicious code in bioql PyPI...
EUVD-2024-37503
Malicious code in bioql PyPI...
Security Bulletin: This Power System update is being released to address CVE-2024-45656
Summary IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service privileges to the FSP. Vulnerability Details CVEID:CVE-2024-45656 DESCRIPTION: IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service...
CVE-2024-45656
IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...
CVE-2024-45656 IBM Flexible Service Processor hard coded credentials
IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...
CVE-2024-45656 IBM Flexible Service Processor hard coded credentials
IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...
CVE-2024-38641
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823...
CVE-2024-38642
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We have already fixed the vulnerability in the following version: QuMagie 2.3.1 a...
CVE-2024-38642
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We have already fixed the vulnerability in the following version: QuMagie 2.3.1 a...
CVE-2024-38642 QuMagie
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We have already fixed the vulnerability in the following version: QuMagie 2.3.1 a...
CVE-2024-38641 QTS, QuTS hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823...
CVE-2024-38641
CVE-2024-38641 is an OS command injection vulnerability affecting QNAP QTS and QuTS hero. The issue could allow local network users to execute commands via unspecified vectors; impact is described as high (confidentiality, integrity, and availability). Fixed in QTS 5.1.8.2823 build 20240712 and l...
CVE-2024-38641 QTS, QuTS hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823...
PT-2024-28095 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.8.2823 build 20240712 QNAP QuTS hero versions prior to h5.1.8.2823 build 20240712 Description: An OS command injection issue has been reported to affect several QNAP operating system versions. If exploited, the...
CVE-2022-21820
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity...
Update for event log channel in System Center Operations Manager 2019 (KB4601269)
Update for event log channel in System Center Operations Manager 2019 KB4601269 Introduction This article describes an issue that is fixed for System Center Operations Manager 2019. This article also contains the installation instructions for this update. For more information, see the following...
CVE-2018-5241
Symantec Advanced Secure Gateway ASG 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, A...
CVE-2018-5241
Symantec Advanced Secure Gateway ASG 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, A...