Security Bulletin: Multiple vulnerabilities that affect IBM Db2 Data management console

Summary IBM Db2 Data management console has several dependent packages with vulnerabilities. This bulletin describes the upgrades necessary to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This iss...

MiracleLinux 8 : firefox-102.10.0-1.el8.ML.1 (AXSA:2023-5298:15)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5298:15 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory Corruption...

MiracleLinux 9 : pcs-0.11.3-4.el9.2.ML.1 (AXSA:2023-5189:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5189:06 advisory. sinatra: Reflected File Download attack CVE-2022-45442 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Partner Engagement Manager

Summary Multiple vulnerabilities were addressed in IBM Sterling Partner Engagement Manager versions 6.2.3.5 and 6.2.4.2. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION: Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a...

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Partner Engagement Manager

Summary Multiple vulnerabilities were addressed in IBM Sterling Partner Engagement Manager versions 6.2.3.5 and 6.2.4.2. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION: Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a...

Security Bulletin: Reflected File Download (RFD) Vulnerability in Spring Framework Content-Disposition Header Handling (CWE-113), which affects IBM watsonx.data

Summary A Reflected File Download RFD vulnerability has been identified in VMware Spring Framework versions 6.0.5 to 6.2.7. The issue arises when an application sets a Content-Disposition response header using ContentDisposition.BuilderfilenameString, Charset with a non-ASCII charset and...

Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by a vulnerability in spring-web-6.2.3.jar(CVE-2025-41234)

Summary IBM Sterling Connect:Direct Web Services is vulnerable to a reflected file download RFD attack in spring-web-6.2.3. This has been addressed in new fixpacks available from Fix Central. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION: Description In Spring Framework, versions 6.0.x a...

EUVD-2016-10276

Malware in sbrugna...

EUVD-2015-5240

Malware in sbrugna...

EUVD-2016-5854

Malware in sbrugna...

EUVD-2018-0652

Malware in sbrugna...

EUVD-2025-18218

Malicious code in bioql PyPI...

EUVD-2022-5018

Malicious code in bioql PyPI...

EUVD-2021-6720

Malicious code in bioql PyPI...

EUVD-2021-6716

Malicious code in bioql PyPI...

EUVD-2022-52090

Malicious code in bioql PyPI...

EUVD-2022-7200

Malicious code in bioql PyPI...

EUVD-2021-6717

Malicious code in bioql PyPI...

EUVD-2022-0092

Malicious code in bioql PyPI...

EUVD-2023-33081

Malicious code in bioql PyPI...