6 matches found
EUVD-2026-34918
A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...
Security Bulletin: A vulnerability in cert-manager affects IBM Robotic Process Automation for Cloud Pak and could result in a denial of service (CVE-2024-12401).
Summary A vulnerability in cert-manager affects IBM Robotic Process Automation for Cloud Pak and could result in a denial of service CVE-2024-12401. Cert-manager is used by IBM Robotic Process Automation for Cloud Pak as part of it's container deployment. This security bulletin identifies the fix...
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a vulnerability found in Node.js
Summary There is a vulnerability in Node.js used by IBM Cloud Transformation Advisor CVE-2024-57699. Vulnerability Details CVEID:CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number...
Security Bulletin: This Power System update is being released to address CVE-2023-52340
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-52340, by upgrading PowerVM and thus addressing the exposure ...
Security Bulletin: A vulnerability in body-parser-1.20.2.tgz affects IBM Db2 Big SQL on Cloud Pak for Data
Summary A vulnerability in open source package expressjs body-parser-1.20.2.tgz affects IBM Db2 Big SQL 7.x on Cloud Pak for Data 5.x Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by a flaw when url encoding is enabled. ...
/usr/libexec/vi.recover script contains vulnerability allowing arbitrary zero-length files to be removed
Overview The /usr/libexec/vi.recover script in OpenBSD has a vulnerability that could allow an attacker to remove arbitrary zero-length files, including device nodes. Description The /usr/libexec/vi.recover script in OpenBSD cleans up vi temp files and informs a user via email if a recovery file...