A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out…

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page'…

IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP…

IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user…

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers,…

A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for…

An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of unspecified…

An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included…

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to…

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the…