CVE-2024-42206

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

CVE-2024-42206

Technical details are not publicly available in the provided documents. Monitor for updates on affected components, root cause, and remediation.

CVE-2024-42206 HCL iReflection Use of Third party vulnerable and outdated components issue was detected in the web application.

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

CVE-2024-42206 HCL iReflection Use of Third party vulnerable and outdated components issue was detected in the web application.

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, axios-1.13.5.tgz, protobufjs-7.3.2.tgz and axios-1.15.0.tgz which are vulnerable to CVE-2026-34073, CVE-2026-39892, CVE-2025-62718, CVE-2026-40175, PSIRT-WS-2026-0004, CVE-2026-41242, CVE-2026-42033,...

EUVD-2026-30155

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

PT-2026-40799

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

HCL BigFix SCM Reporting 安全漏洞

HCL BigFix SCM Reporting is a security configuration management reporting component developed by the Indian company HCL. HCL BigFix SCM Reporting has a security vulnerability that stems from the use of outdated and unsupported jQuery 1.x libraries. This vulnerability may increase the risk of...

Adobe Commerce 安全漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. There is a security vulnerability in Adobe Commerce, which stems from reliance on vulnerable third-party components, potentially causing application denial-of-service...

Security Bulletin: IBM Operational Decision Manager for March 2026 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-41254...

Siemens SINEC OS

SUMMARY SINEC OS before V3.3 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

Security Bulletin: Enterprise Content Managemant System Monitor for December 2025 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

Oracle Critical Patch Update Advisory - January 2026

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

[R2] Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities

R2 Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities Arnie Cabral Mon, 12/15/2025 - 09:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, libxslt were found to contain vulnerabilities, and updated...

Security Bulletin: IBM Automation Decision Services for October 2025 - Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2025-46653...

CVE-2025-20010

CVE-2025-20010 affects Intel\u00ae Processor Identification Utility prior to version 8.0.43. The issue arises from use of unmaintained third-party components, enabling local privilege escalation by an authenticated user with low attack complexity. Reported impacts are high for confidentiality, in...

EUVD-2025-36751

Malicious code in xo-third-party-components npm...

Malicious Package

Overview xo-third-party-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in xo-third-party-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8be28c49d694fc1f5050cb2878693f651e4fd877c7c3e0ea83d08cf9a28cb5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-49072 Malicious code in xo-third-party-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8be28c49d694fc1f5050cb2878693f651e4fd877c7c3e0ea83d08cf9a28cb5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...