Security Bulletin: IBM Operational Decision Manager for January 2026 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2025-13465...

MiracleLinux 4 : krb5-1.10.3-33.AXS4 (AXSA:2014-606:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-606:02 advisory. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecu...

EUVD-2019-4602

Malware in sbrugna...

EUVD-2025-10826

Malicious code in bioql PyPI...

EUVD-2022-28626

Malicious code in bioql PyPI...

CVE-2023-51454

A Out-of-bounds Write issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to overwrite a pointer in the process memory through a crafted payload triggering an unsafe memory write operation in the mytcpreceive function implemented in the...

CVE-2021-22339

There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal...

CVE-2020-1862

There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions...

[SECURITY] [DSA 5898-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5898-1 [email protected] https://www.debian.org/security/ Andres Salomon April 09, 2025 https://www.debian.org/security/faq -...

CVE-2023-36268

DoS issues, or unexploitable crashes, are out of scope for vulnerabilities...

Important: samba

Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...

Services and Virtual Servers show State: Unknown. / /var/crash filesystem full

State: Unknown. Services and Virtual Servers /shell $cat df-akin.out FilesystemSizeUsedAvail Capacity iused ifree %iusedMounted on /dev/md0429M415M5.6M99%13k44k23%/ devfs1.0k1.0k0B100%00100%/dev procfs4.0k4.0k0B100%10100%/proc /dev/ad0s1a1.6G160M1.3G11%286211k0%/flash...

CVE-2022-39012

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal...

PT-2022-24668 · Huawei · Huawei Aslan Children'S Watch

Name of the Vulnerable Software and Affected Versions: Huawei Aslan Children's Watch affected versions not specified Description: The issue is related to improper input validation, which may cause the watch's application service to become abnormal upon successful exploitation. Recommendations: At...

HDX Adaptive Transport Configuration for Gateway Service

If you have users that use Workspace app for Linux or Android to access virtual apps or desktops through Gateway Service, they may be unable to launch sessions after Enlightened Data Transport EDT is enabled in Gateway Service...

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 KB5003435 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE:...

OPENSUSE-SU-2021:0079-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2020-27781: Fixed a privilege escalation via the cephvolumeclient Python interface bsc1179802 bsc1180155. Non-security issues fixed: - Fixes an issue when check in legacy collection reaches end. bsc1179139 - Fixes an...

OPENSUSE-SU-2020:1647-1 Security update for kdeconnect-kde

This update for kdeconnect-kde fixes the following issues: kdeconnect-kde was updated to fix various security issues in its default enabled network service CVE-2020-26164, boo1176268: This update was imported from the openSUSE:Leap:15.1:Update update project...

CVE-2020-1805

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156C00E156R2P4 has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information...

SUSE-SU-2019:1523-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage bsc1133204. - CVE-2019-11470: Fixed a denial-of-service in ReadCINImage bsc1133205. - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABIma...