Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/26 3:42 p.m.6 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to SQL injection (CVE-2025-0966)

Summary A SQL injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-0966 DESCRIPTION: IBM InfoSphere Information Server vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the...

7.6CVSS7.2AI score0.00269EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/03/27 2:12 p.m.7 views

GHSA-RCW3-WMX7-CPHR Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpeter

Impact In vega 5.30.0 and lower, vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be supported. Patches Patched in vega 5.31.0 / vega-functions 5.16.0 Workarounds Is there a way for users to fix or remediate th...

6.9CVSS7.1AI score0.00324EPSS
Exploits1References6
NVD
NVD
added 2025/03/14 6:15 p.m.11 views

CVE-2025-29779

Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing VSS scheme. In versions 0.8.0b2 and prior, the secureredundantexecution function in feldmanvss.py attempts to mitigate fault injection attacks by executing a function...

5.4CVSS0.00178EPSS
Exploits0References3
OSV
OSV
added 2023/02/07 9:30 p.m.60 views

GHSA-26F8-X7CC-WQPC Apache Kafka Connect vulnerable to Deserialization of Untrusted Data

A possible security vulnerability has been identified in Apache Kafka Connect API. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka...

8.8CVSS8.7AI score0.95302EPSS
Exploits8References6
Qualys Blog
Qualys Blog
added 2020/11/11 1:52 a.m.68 views

Dive Deep into VMDR

Qualys devoted the second day of the QSC USA 2020 virtual conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set...

0.1AI score
Exploits0
0day.today
0day.today
added 2015/06/10 12:0 a.m.69 views

Elasticsearch 1.5.2 File Creation Vulnerability

Elasticsearch versions 1.0.0 through 1.5.2 are vulnerable to an engineered attack on other applications on the system. The snapshot API may be used indirectly to place snapshot metadata files into locations that are writeable by the user running the Elasticsearch process. It is possible to create...

6CVSS0.3AI score0.0445EPSS
Exploits1
Rows per page
Query Builder