11 matches found
CVE-2025-70311
JEEWMS 1.0 is vulnerable to SQL Injection. The vulnerability is triggered by providing crafted values in the id1 and id2 parameters to the /systemControl.do interface, enabling attackers to inject malicious SQL statements. Root cause details are not elaborated in the available documents. Impact s...
CVE-2024-6983
mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises because the localai backend receives inputs not only from the configuration file but also from other inputs, allowing an attacker to upload a binary file and execute malicious code. This can lead to the...
VMware Releases Security Advisory for Aria Automation
VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Automation. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2024-0001...
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...
Security Bulletin: Multiple Vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Workload Manager (CVE-2017-10115 and CVE-2017-10116)
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ that are used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details: CVEID: CVE-2017-10115. DESCRIPTION: An...
Security Update for Windows Vista (KB2621146)
A security issue has been identified that could allow an authenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows 2000 (KB941693)
A security issue has been identified that could allow an authenticated local attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...
Security Update for Windows Vista for x64-based Systems (KB2506212)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows 7 (KB2807986)
A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows Server 2003 (KB980232)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...