Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

Intel Ethernet Adapter Complete Driver Pack 安全漏洞

Intel Ethernet Adapter Complete Driver Pack is a complete driver for Ethernet adapters from Intel Corporation. A security vulnerability exists in Intel Ethernet Adapter Complete Driver Pack versions prior to 1.5.1.0, which originates from a competitive condition in the user's application and coul...

SUSE SLES15 Security Update : kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2025:4036-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4036-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.136 fixes various security issues The following security issues were fixed: ...

Security Bulletin: Due to use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by a denial of service vulnerability.

Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

Security Bulletin: Due to use of IBM WebSphere Application Server, IBM Tivoli Network Configuration Manager (ITNCM) is affected by a denial of service vulnerability.

Summary WebSphere Application Server, used by IBM Tivoli Network Configuration Manager ITNCM, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

CVE-2025-3356

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view, overwrite, or append to arbitrary files on the system...

CVE-2021-4461 Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

CVE-2025-3355

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVE-2025-3355 IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

Security Bulletin: IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations

Summary The KT1 component of ITM/ITCAM Agents, hereafter referred to as simply Agents, provides the ability to read from and write to the local file system. This facility is utilised by features such as SDA, Self-Describing Agent, which ensures that updates to a product's application support file...

IBM Tivoli Monitoring 路径遍历漏洞

IBM Tivoli Monitoring is a set of system monitoring solutions introduced by IBM, mainly used for real-time monitoring of system performance, availability and application status in the enterprise IT environment. A path traversal vulnerability exists in IBM Tivoli Monitoring that stems from not...

PT-2025-44450

Name of the Vulnerable Software and Affected Versions IBM Tivoli Monitoring versions 6.3.0.7 through 6.3.0.7 Service Pack 21 Description The software potentially allows a remote attacker to access files on the system outside of the intended directories. This is achieved by sending a crafted URL...

PT-2025-44451

Name of the Vulnerable Software and Affected Versions IBM Tivoli Monitoring versions 6.3.0.7 through 6.3.0.7 Service Pack 21 Description The software contains a directory traversal flaw. A remote attacker can exploit this by sending specially crafted URL requests containing "dot dot" sequences .....

IBM Tivoli Monitoring 路径遍历漏洞

IBM Tivoli Monitoring is a set of system monitoring solutions introduced by IBM, mainly used for real-time monitoring of system performance, availability and application status in the enterprise IT environment. A path traversal vulnerability exists in IBM Tivoli Monitoring that stems from not...

Security update for chromium (moderate)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0412-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP6 An update that contains security fixes can now be installed. Description: This update for chromium fixes the following...

CVE-2025-43017

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

CVE-2025-36138

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

CVE-2025-36170

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

Security Bulletin: A security vulnerability in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary IBM® SDK, Java™ Technology Edition bundled with IBM WebSphere eXtreme Scale is affected by security vulnerability. Vulnerability Details CVEID:CVE-2025-30761 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-48989...