22 matches found
EUVD-2025-27779
Malicious code in bioql PyPI...
CVE-2025-30263
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0...
CVE-2025-30263 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0...
CVE-2025-30263
CVE-2025-30263 describes a NULL pointer dereference in QNAP Qsync Central. The flaw can be triggered when a remote attacker, after obtaining a user account, exploits the condition to cause a denial of service. The affected component is the Qsync Central service; the underlying impact stated is avail...
CVE-2025-30262 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0...
CVE-2025-30261 Qsync Central
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...
Security Bulletin: IBM API Connect is impacted by reflected cross site scripting (CVE-2020-4707)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-4707 DESCRIPTION: IBM API Connect is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali...
Hexagon Intergraph G!NIUS SQL Injection Vulnerability
Hexagon Intergraph G!NIUS is an industrial control device (a sensor) from the Swedish company Hexagon. A SQL injection vulnerability exists in Hexagon Intergraph G!NIUS prior to version 5.0.0.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-base...
Security Bulletin: IBM Spectrum Scale GUI is affected by cross-site scripting (CVE-2020-4358)
Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale GUI. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4358 DESCRIPTION: IBM Spectrum Scale is vulnerable to cross-site scripting. This vulnerability allows users to embed...
Security Bulletin: IBM Watson IoT MessageGateway Server is affected by a buffer overflow vulnerability (CVE-2020-4207)
Summary IBM Watson IoT MessageGateway Server is vulnerable to a buffer overflow issue that can result in denial of service and possible code execution. Vulnerability Details CVEID: CVE-2020-4207 DESCRIPTION: IBM Watson IoT Message Gateway is vulnerable to a buffer overflow, caused by improper boun...
Security Bulletin: IBM API Connect's Developer Portal (V5) is impacted by a confidential information leak (CVE-2019-4600)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4600 DESCRIPTION: IBM API Connect could reveal sensitive information to an attacker using a specially crafted HTTP request. CVSS Base Score: 5.3 CVSS Temporal Score: See for the current score...
IBM API Connect Information Disclosure Vulnerability (CNVD-2019-25511)
IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. A vulnerability exists in IBM API Connect versions 5.0.0.0 through 5.0.8.6 for cryptographic...
IBM API Connect Information Disclosure Vulnerability (CNVD-2019-40899)
IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An information disclosure vulnerability exists in IBM API Connect versions 5.0.0.0 through...
Security Bulletin: IBM API Connect V5 is vulnerable to horizontal privilege escalation (CVE-2018-1859)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1859 DESCRIPTION: IBM API Connect V5 could allow a user authenticated as an administrator with limited rights to escalate their privileges. CVSS Base Score: 4.3 CVSS Temporal Score: See for th...
Security Bulletin: IBM API Connect is vulnerable to CSV Injection (CVE-2018-1774)
Summary IBM API Connect has addressed the following vulnerability. IBM API Connect is vulnerable to CSV Injection via the Developer Portal and analytics that could contain malicious commands that would be executed once opened by an administrator. Vulnerability Details CVEID: CVE-2018-1774...
Security Bulletin: IBM API Connect is affected by multiple vulnerabilities in Drupal (CVE-2018-7603)
Summary API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-7603 DESCRIPTION: The Search Autocomplete for Drupal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerabili...
Security Bulletin: IBM API Connect is affected by a Missing HTTP Strict Transport Security vulnerability (CVE-2018-1546)
Summary IBM API Connect has addressed the following vulnerability. IBM API Connect could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information...
Security Bulletin: API Connect Developer Portal is affected by cross-site scripting vulnerability (CVE-2018-1430)
Summary API Connect Developer Portal has addressed the following vulnerability. IBM API Connect Developer Portal is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leadin...
Security Bulletin: IBM API Connect is affected by an information disclosure vulnerability (CVE-2017-1379).
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1379 DESCRIPTION: IBM API Connect could allow a remote attacker to obtain sensitive information, caused by improper handling of requests to the Developer Portal. CVSS Base Score: 5.3 CVSS...