4.3

CVSS3.1

CVE-2025-14687 - Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center

IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms.

πŸ“… Published: Dec. 26, 2025, 1:21 p.m. πŸ”„ Last Modified: Jan. 14, 2026, 8:46 p.m.

9.8

CVSS3.1

CVE-2025-13915 - Authentication bypass in IBM API Connect

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application.

πŸ“… Published: Dec. 26, 2025, 1:16 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 4:07 p.m.

7.8

CVSS3.1

CVE-2025-12771 - IBM Concert Software Improper Restriction of Operations within the Bounds of a Memory Buffer.

IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.

πŸ“… Published: Dec. 26, 2025, 1:01 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 4:07 p.m.

5.9

CVSS3.1

CVE-2025-1721 - BM Concert Software Improper Clearing of Heap Memory Before Release.

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.

πŸ“… Published: Dec. 26, 2025, 12:55 p.m. πŸ”„ Last Modified: Dec. 29, 2025, 6:15 p.m.

7.8

CVSS3.1

CVE-2025-67450 -

Due to insecure library loading in the Eaton UPS Companion software executable,Β an attacker with access to the software package could perform arbitrary code execution .Β This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:59 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:38 p.m.

6.7

CVSS3.1

CVE-2025-59888 -

Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the file system. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:53 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:39 p.m.

8.6

CVSS3.1

CVE-2025-59887 -

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

πŸ“… Published: Dec. 26, 2025, 6:48 a.m. πŸ”„ Last Modified: Feb. 18, 2026, 2:37 p.m.

7.2

CVSS4.0

CVE-2025-62578 - DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information

DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information

πŸ“… Published: Dec. 26, 2025, 6:05 a.m. πŸ”„ Last Modified: Jan. 8, 2026, 10:02 p.m.

5.8

CVSS4.0

CVE-2025-8075 - Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manu…

πŸ“… Published: Dec. 26, 2025, 4:31 a.m. πŸ”„ Last Modified: Jan. 7, 2026, 6:48 p.m.

6.3

CVSS4.0

CVE-2025-52601 - Hardcoding sensitive information

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T…

πŸ“… Published: Dec. 26, 2025, 4:29 a.m. πŸ”„ Last Modified: Jan. 7, 2026, 6:46 p.m.
Total resulsts: 343923
Page 1876 of 34,393
Β« previous page Β» next page
Filters