Linux Distros Unpatched Vulnerability : CVE-2024-28103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses...

Linux Distros Unpatched Vulnerability : CVE-2024-47887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1,...

Linux Distros Unpatched Vulnerability : CVE-2024-41128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1,...

Linux Distros Unpatched Vulnerability : CVE-2024-54133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting XSS vulnerability in the contentsecuritypolicy...

Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase ( CVE-2023-52426 )

Summary libexpat is a stream-oriented XML parser library used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-52426 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an XML entity expansion flaw if XMLDT...

The vulnerability of the driver for Intel 800 Series network adapters in the Intel Ethernet Adapter Complete Driver Pack allows a hacker to cause a service failure.

The vulnerability of the Intel 800 Series Ethernet Adapter driver in the Intel Ethernet Adapter Complete Driver Pack is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

IBM Cognos Analytics 路径遍历漏洞

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decisions by analyzing such things as key factors and key people. A path traversal...

The vulnerability of the Intel Ethernet Adapter Complete Driver Pack driver package lies in its uncontrolled search path, which allows attackers to exploit their privileges.

The vulnerability of the Intel Ethernet Adapter Complete Driver Pack driver package is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to gain increased privileges...

Security Bulletin: Apache Commons Collections library in WebSphere Application Server Knowledge Center is vulnerable (CVE-2015-7450)

Summary The Knowledge Center Component used in Version 9 of the WebSphere Application Server needs an updated Apache Commons Collections library. Vulnerability Details CVEID:CVE-2015-7450 DESCRIPTION: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an argument injection vulnerability in go-git [CVE-2025-21613]

Summary IBM Watson Speech Services Cartridge is vulnerable to an argument injection vulnerability in go-git, allowing the setting of arbitrary values to git-upload-pack flags when file transport protocol is used CVE-2025-21613. Go-git is used in our watson-speech-catalog images. This vulnerabilit...

PT-2025-7818 · Zephyrproject Rtos · Zephyr

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to the function dns copy qname in dns pack.c, which performs a memcpy operation with an untrusted field. It does not check if the source buffer is large enough to contai...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write access to data through the Hotspot component API bsc1236278. Patch Instructions: To install this SU...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write access to data through the Hotspot component API bsc1236278. Patch Instructions: To install this SU...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes bsc1227700. CVE-2024-5310...

Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

Security Bulletin: IBM Maximo Application Suite Predict Component uses CVE-2024-52304 (Low) detected in aiohttp-3.9.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2024-52304

Summary IBM Maximo Application Suite Predict Component uses CVE-2024-52304 Low detected in aiohttp-3.9.2-cp39-cp39-manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2024-52304. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl (Publicly disclosed vulnerability found by Mend) CVE-2024-47874

Summary Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl Publicly disclosed vulnerability found by Mend CVE-2024-47874. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

CKEditor 安全漏洞

CKEditor is an enterprise WYSIWYG editor in the CKEditor open source. A security vulnerability exists in CKEditor version 5, which stems from a cross-site scripting XSS vulnerability discovered in the Live Collaboration Pack that could lead to unauthorized JavaScript code execution...

Microsoft High Performance Compute (HPC) Pack (CVE-2025-21198)

A remote code execution vulnerability exists in Microsoft High Performance Compute HPC Pack prior to 2019 update 3. An authenticated, adjacent attacker can exploit this to execute arbitrary commands on the target system. Note that Nessus has not tested for this issue but has instead relied only o...

CVE-2025-21198

Microsoft High Performance Compute HPC Pack Remote Code Execution Vulnerability...