Security Bulletin: Security vulnerability has been found in IBM Security Verify Directory (Container) used by IBM Security Verify Governance Identity Manager Adapters

Summary IBM Security Verify Governance Identity Manager Adapters uses IBM Security Verify Directory Container. Information about security vulnerability affecting IBM Security Verify Directory Container has been published in security bulletin. Vulnerability Details Refer to the security bulletins...

EUVD-2022-32408

Malicious code in bioql PyPI...

CVE-2025-33077

IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...

IBM Engineering Systems Design Rhapsody 安全漏洞

IBM Engineering Systems Design Rhapsody is a model-driven development MDD environment for systems engineering and software development provided by IBM. An information disclosure vulnerability exists in IBM Engineering Systems Design Rhapsody, which arises from the transmission of sensitive...

CVE-2024-20787

CVE-2024-20787 affects Substance 3D Painter (versions ≤ 10.0.1). It is an out-of-bounds read vulnerability in Painter’s code that can disclose memory contents and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Affected guidance indicates remediation via updates to...

CVE-2024-20787 Substance3D - Painter | Out-of-bounds Read (CWE-125)

Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2024-8753 · Mendix · Mendix Encryption

Name of the Vulnerable Software and Affected Versions: Mendix Encryption versions 10.0.0 through 10.0.1 Description: A vulnerability has been identified in the Mendix Encryption module, where affected versions define a specific hard-coded default value for the EncryptionKey constant. This default...

SUSE CVE-2018-2964

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Vulnerabilities fixed in HCL Lotus Notes

HCL has fixed vulnerabilities in Lotus Notes. A unauthenticated malicious person could exploit the vulnerabilities to cause a denial-of-service, or to potentially execute arbitrary execute arbitrary code with user privileges. HCL has released updates to fix the vulnerabilities in Lotus Notes 9.0....

CVE-2022-31773

IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357...

Design/Logic Flaw

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later...

CVE-2020-9564

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2020-9561

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

Out-of-bounds

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

Design/Logic Flaw

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution...

JDK: unspecified vulnerability fixed in 8u171 and 10.0.1 (Install)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE...