125266 matches found
EUVD-2025-209792
Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...
EUVD-2026-29521
Incorrect default permissions for some IntelR NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation ...
EUVD-2025-209789
Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...
EUVD-2025-209790
Uncontrolled search path for some IntelR Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
Security Bulletin: IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability (WS-2026-0003)
Summary IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability WS-2026-0003. This has been addressed in the remediation section. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength...
CVE-2026-41103
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-20767
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
CVE-2026-20714
Out-of-bounds write for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
Security Bulletin: IBM Financial Transaction Manager v4 is impacted by multiple vulnerabilities in WebSphere Application Server Liberty
Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing...
CVE-2026-20767
CVE-2026-20767 affects Intel(R) QAT software drivers for Windows prior to 1.13. The root cause is improper input validation in Ring 3 (User Applications). This can enable local, low‑complexity privilege escalation by an authenticated, unprivileged user with no required interaction, impacting conf...
CVE-2026-20767
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
CVE-2026-20767
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
CVE-2026-20767
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
CVE-2026-20714
Out-of-bounds write for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2026-20714
Out-of-bounds write for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2026-20714
Out-of-bounds write for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2026-20714
Summary: CVE-2026-20714 impacts Intel QAT software drivers for Windows, prior to version 1.13, in Ring 3 (User Applications). The flaw is an out-of-bounds write that may enable privilege escalation. An unprivileged, authenticated user with low attack complexity and no user interaction could abuse...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-codec-http
Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain a potential CRLF injection vulnerability. Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or...
Improper Validation of Syntactic Correctness of Input
Overview org.apache.tomcat:coyote is a maven plugin for Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the processing of HTTP/2 request headers. An attacker can cause unexpected behavior or potentiall...
CVE-2026-20881
Divide by zero for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...