Lucene search

9 matches found

GitHub Security Blog
added 2026/01/05 3:32 p.m. | 10 views

Apache SIS has Improper Restriction of XML External Entity Reference vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

CVSS 6.5 | AI score 6.6 | EPSS 0.00025
Exploits: 0 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/01/05 1:45 p.m. | 2 views

CVE-2025-68280 Apache SIS: XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

AI score 6.2 | EPSS 0.00025
Exploits: 0 | References: 1

Tenable Nessus
added 2025/10/07 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: tomcat (UTSA-2025-986129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986129 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...

CVSS 7.5 | AI score 7.2 | EPSS 0.01278
Exploits: 1 | References: 4

Tenable Nessus
added 2025/10/07 12:0 a.m. | 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: apache-commons-fileupload (UTSA-2025-279266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-279266 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...

CVSS 7.5 | AI score 7.2 | EPSS 0.01278
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-27087

Malicious code in bioql PyPI...

CVSS 9.9 | AI score 6.4 | EPSS 0.09895
Exploits: 2 | References: 1

IBM Security Bulletins
added 2025/09/05 10:58 a.m. | 8 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-48976)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

CVSS 7.5 | AI score 7.5 | EPSS 0.01278
Exploits: 1 | Affected Software: 11

Tenable Nessus
added 2025/08/14 12:0 a.m. | 8 views

IBM WebSphere Application Server 8.5.x < 8.5.5.29 / 9.x < 9.0.5.26 / Liberty 17.0.0.3 < 25.0.0.9 DoS (7242088)

The version of IBM WebSphere Application Server running on the remote host is affected by a DoS vulnerability as referenced in the 7242088 advisory. - Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affect...

CVSS 7.5 | AI score 7.2 | EPSS 0.01278
Exploits: 1 | References: 2

OSV
added 2025/07/04 2:42 p.m. | 4 views

OESA-2025-1706 apache-commons-fileupload security update

The javax.servlet package lacks support for RFC-1867, HTML file upload. This package provides a simple to use API for working with such data. The scope of this package is to create a package of Java utility classes to read multipart/form-data within a javax.servlet.http.HttpServletRequest. Securi...

CVSS 7.5 | AI score 6.8 | EPSS 0.01278
Exploits: 1 | References: 2

Tenable Nessus
added 1999/08/25 12:0 a.m. | 34 views

INN < 1.6 Multiple Vulnerabilities

According to its banner, the remote version of INN is older than version 1.6. A number of security holes have been found in older versions of INN, some of which may allow arbitrary command execution. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10129;...

CVSS 10 | AI score 8.6 | EPSS 0.06629
Exploits: 0 | References: 4