19 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Workload Scheduler Container component of IBM Workload Automation Container
Summary Multiple vulnerabilities were addressed in IBM Workload Scheduler Container component of IBM Workload Automation Container 10.1.0.6 and 10.2.5 Vulnerability Details CVEID:CVE-2023-6597 DESCRIPTION: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions...
Security Bulletin: Multiple vulnerabilities in IBM Cognos Command Center
Summary Multiple vulnerabilities were addressed in IBM Cognos Command Center 10.2.5 FP1 IF2 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to...
async_mqtt 安全漏洞
asyncmqtt is an MQTT protocol library from the individual developer Takatoshi Kondo. A security vulnerability exists in asyncmqtt version 10.2.5, which stems from a post-release reuse issue in the endpoint destructor function that could lead to a denial of service attack...
EUVD-2025-25811
Malicious code in bioql PyPI...
WordPress plugin Quiz And Survey Master 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
CVE-2025-2697
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to...
CVE-2025-1494
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...
CVE-2025-1994
CVE-2025-1994 affects IBM Cognos Command Center versions 10.2.4.1 and 10.2.5. The root cause is unsafe use of the BinaryFormatter function, enabling a local user to execute arbitrary code on the system. Confirmed details from multiple sources indicate local code execution risk with high impact ac...
CVE-2025-1994 IBM Cognos Command Center code execution
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function...
CVE-2025-2697 IBM Cognos Command Center HTTP Open Redirect
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to...
CVE-2025-1494 IBM Cognos Command Center clickjacking
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...
CVE-2025-1494
IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 are affected by a clickjacking vulnerability (CWE-1021) that could allow a remote attacker to hijack a victim’s click actions by luring them to a malicious website. The CVE-2025-1494 vulnerability has CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:...
IBM Cognos Command Center 安全漏洞
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A clickjacking vulnerability exists in IBM Cognos...
Grafana 10.2.x < 10.2.5 Improper Privilege Management
According to its self-reported version, the Grafana install hosted on the remote host is 8.5.x earlier than 9.5.7, or 10.0.x earlier than 10.0.12, or 10.1.x earlier than 10.1.8, or 10.2.x earlier than 10.2.5, or 10.3.x earlier than 10.3.4. It is, therefore, affected by a improper privilege...
PT-2024-24273 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: The issue could disclose highly sensitive user information to an authenticated user with physical access to the device. Recommendations: For versions 10.2.4.1 and 10.2.5,...
IBM Cognos Command Center 安全漏洞
IBM Cognos Command Center is a software product from International Business Machines IBM used to help organizations manage and monitor their IBM Cognos Business Intelligence solutions. A security vulnerability exists in IBM Cognos Command Center versions 10.2.4.1 and 10.2.5, which stems from the...
CVE-2023-5052 Cross Site Scripting (XSS) in Servidor Uniforme Zero
vulnerability in Uniform Server Zero, version 10.2.5, consisting of an XSS through the /usextra/phpinfo.php page. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and partially take over their session details...
Veritas eDiscovery Platform Security Breach
Veritas eDiscovery Platform is a powerful engine from Veritas, Inc. for performing large-scale, dataset-driven searches to help organizations quickly identify critical parsed documents. A security vulnerability exists in Veritas eDiscovery Platform versions prior to 10.2.5, which stems from an...
GitLab 9.4.x - 9.5.10, 10.x - 10.1.5, 10.2.x - 10.2.5, 10.3.x - 10.3.3 SQLi Vulnerability
GitLab is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...