Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-29371 (GCVE-0-2024-29371)
Vulnerability from cvelistv5
Published
2025-12-17 00:00
Modified
2026-01-23 19:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29371",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T18:38:20.096134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1259",
"description": "CWE-1259 Improper Restriction of Security Token Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T18:48:36.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T19:28:10.386Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-29371",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2024-03-19T00:00:00.000Z",
"dateUpdated": "2026-01-23T19:28:10.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29371\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-17T18:38:20.096134Z\"}}}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1259\", \"description\": \"CWE-1259 Improper Restriction of Security Token Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-17T18:15:31.759Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29371\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\", \"dateReserved\": \"2024-03-19T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-17T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0372
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L'éditeur indique que les versions correctives suivantes seront mises à disposition ultérieurement : - WebSphere Application Server - Liberty 26.0.0.4 (deuxième trimestre 2026)
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | WebSphere Application Server - Liberty sans le correctif APAR PH70510 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct pour UNIX versions 6.4.x antérieures à 6.4.0.5 | ||
| IBM | WebSphere | WebSphere eXtreme Scale versions 8.6.1.x antérieures à 8.6.1.6 sans le correctif APAR PH70422 | ||
| IBM | Security QRadar Log Management AQL | greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.4 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct pour UNIX versions 6.3.x antérieures à 6.3.0.7 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct FTP+ versions 1.3.0.x antérieures à 1.3.0.4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty sans le correctif APAR PH70510",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct pour UNIX versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere eXtreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.6 sans le correctif APAR PH70422",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "greffon Security QRadar Log Management AQL versions 1.x ant\u00e9rieures \u00e0 1.1.4",
"product": {
"name": "Security QRadar Log Management AQL",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct pour UNIX versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.7",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct FTP+ versions 1.3.0.x ant\u00e9rieures \u00e0 1.3.0.4",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur indique que les versions correctives suivantes seront mises \u00e0 disposition ult\u00e9rieurement : \n- WebSphere Application Server - Liberty 26.0.0.4 (deuxi\u00e8me trimestre 2026)",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
}
],
"initial_release_date": "2026-03-27T00:00:00",
"last_revision_date": "2026-03-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0372",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267514",
"url": "https://www.ibm.com/support/pages/node/7267514"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267346",
"url": "https://www.ibm.com/support/pages/node/7267346"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267392",
"url": "https://www.ibm.com/support/pages/node/7267392"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267689",
"url": "https://www.ibm.com/support/pages/node/7267689"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267351",
"url": "https://www.ibm.com/support/pages/node/7267351"
},
{
"published_at": "2026-03-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267058",
"url": "https://www.ibm.com/support/pages/node/7267058"
}
]
}
CERTFR-2026-AVI-0281
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk AppDynamics On-Premises Enterprise Console | Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x antérieures à 26.1.1 | ||
| Splunk | Splunk AppDynamics Database Agent | Splunk AppDynamics Database Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.12 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.124 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.9 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.2.x antérieures à 10.2.1 | ||
| Splunk | Splunk AppDynamics NodeJS Agent | Splunk AppDynamics NodeJS Agent versions 25.12.x antérieures à 25.12.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.0.x antérieures à 10.0.4 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.10 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.17 | ||
| Splunk | Splunk AppDynamics Java Agent | Splunk AppDynamics Java Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.7 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk AppDynamics Private Synthetic Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x ant\u00e9rieures \u00e0 26.1.1",
"product": {
"name": "Splunk AppDynamics On-Premises Enterprise Console",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Database Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Database Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.0.2503 ant\u00e9rieures \u00e0 10.0.2503.12",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.3.2411 ant\u00e9rieures \u00e0 9.3.2411.124",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.9",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.2.x ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics NodeJS Agent versions 25.12.x ant\u00e9rieures \u00e0 25.12.1",
"product": {
"name": "Splunk AppDynamics NodeJS Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.0.x ant\u00e9rieures \u00e0 10.0.4",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.10",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.1.2507 ant\u00e9rieures \u00e0 10.1.2507.17",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Java Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Java Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.2.2510 ant\u00e9rieures \u00e0 10.2.2510.7",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2018-16864",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16864"
},
{
"name": "CVE-2025-48073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48073"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-11219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11219"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1594"
},
{
"name": "CVE-2025-3887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3887"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4574"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-14087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
},
{
"name": "CVE-2025-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12433"
},
{
"name": "CVE-2025-12444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12444"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2025-11213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11213"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-12036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
},
{
"name": "CVE-2012-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0871"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2025-0518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0518"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2018-15688",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15688"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-12438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12438"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2025-12435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12435"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2013-4394",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4394"
},
{
"name": "CVE-2019-20386",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20386"
},
{
"name": "CVE-2025-64183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64183"
},
{
"name": "CVE-2025-13226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13226"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-47808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47808"
},
{
"name": "CVE-2021-46877",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46877"
},
{
"name": "CVE-2026-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
},
{
"name": "CVE-2017-18078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18078"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2025-11207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11207"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2025-13223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13223"
},
{
"name": "CVE-2025-12431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12431"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2026-21226",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21226"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2025-12726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12726"
},
{
"name": "CVE-2025-12445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12445"
},
{
"name": "CVE-2025-12437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12437"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2025-69230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-14512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-0716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0716"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-12434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12434"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-12439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12439"
},
{
"name": "CVE-2018-16865",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16865"
},
{
"name": "CVE-2025-14874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14874"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2025-48072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48072"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-12432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12432"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2026-20165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20165"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-22919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22919"
},
{
"name": "CVE-2024-23672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-12443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12443"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6602"
},
{
"name": "CVE-2025-11215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11215"
},
{
"name": "CVE-2013-4393",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4393"
},
{
"name": "CVE-2019-3842",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3842"
},
{
"name": "CVE-2025-11205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11205"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-12725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12725"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2025-11208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11208"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2024-8372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8372"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2025-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11756"
},
{
"name": "CVE-2025-59730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59730"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2020-13776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
},
{
"name": "CVE-2025-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13033"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-11212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11212"
},
{
"name": "CVE-2025-12495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12495"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2025-12840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12840"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-11458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11458"
},
{
"name": "CVE-2020-1712",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12429"
},
{
"name": "CVE-2026-20164",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20164"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-11211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11211"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2023-26118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26118"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2025-47807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47807"
},
{
"name": "CVE-2025-47806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47806"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-64182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64182"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6604"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2017-9217",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9217"
},
{
"name": "CVE-2025-60753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60753"
},
{
"name": "CVE-2025-64181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64181"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2025-12436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12436"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2025-13230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13230"
},
{
"name": "CVE-2013-4327",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4327"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-12446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12446"
},
{
"name": "CVE-2025-13228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13228"
},
{
"name": "CVE-2013-4391",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4391"
},
{
"name": "CVE-2026-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20166"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-12441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12441"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-47183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47183"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6601"
},
{
"name": "CVE-2018-16888",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16888"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13224"
},
{
"name": "CVE-2025-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13042"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2025-11460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11460"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2025-13229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13229"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2025-12440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12440"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-11216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11216"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2018-1049",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1049"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2025-11210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11210"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2022-31159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
},
{
"name": "CVE-2025-12729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12729"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-13227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13227"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2025-10256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10256"
},
{
"name": "CVE-2026-20162",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20162"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-12839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12839"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-37727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37727"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2019-3844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3844"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-12728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12728"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2023-6605",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6605"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2025-12430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12430"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2025-11206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11206"
},
{
"name": "CVE-2025-62408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62408"
},
{
"name": "CVE-2018-15686",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15686"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-9951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9951"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2025-59729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59729"
},
{
"name": "CVE-2025-48071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48071"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2025-69224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
},
{
"name": "CVE-2025-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2759"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2025-30153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30153"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2024-8373",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8373"
},
{
"name": "CVE-2025-11209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11209"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2024-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21490"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2023-49501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49501"
},
{
"name": "CVE-2019-3843",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3843"
},
{
"name": "CVE-2018-6954",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2026-26981",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26981"
},
{
"name": "CVE-2025-12447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12447"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2013-4392",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4392"
},
{
"name": "CVE-2025-48074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48074"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2016-7795",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7795"
},
{
"name": "CVE-2025-12727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12727"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-12428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12428"
},
{
"name": "CVE-2026-20163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20163"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2026-03-12T00:00:00",
"last_revision_date": "2026-03-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0281",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0302",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0302"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0311",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0311"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0308",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0308"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0309",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0309"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0305",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0305"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0310",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0310"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0304",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0304"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0301",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0301"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0313",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0313"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0306",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0306"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0303",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0303"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0307",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0307"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0312",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0312"
}
]
}
CERTFR-2026-AVI-0327
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.1.x antérieures à 6.1.2.8 | ||
| IBM | Sterling | Sterling Control Center versions 6.4.2.x antérieures à 6.4.2.0 iFix01 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x antérieures à 6.2.2.0_1 | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 12.10.x antérieures à 12.10.xC16W6 | ||
| IBM | WebSphere | WebSphere Hybrid Edition version 5.1 sans les correctifs de sécurité PH69757 et PH69729 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.x antérieures à 6.2.0.5_2 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP15 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions 1.10.12.x antérieures à 1.11.9.0 | ||
| IBM | Sterling | Sterling Control Center versions 6.3.1.x antérieures à 6.3.1.0 iFix07 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.10.x antérieures à 1.11.9.0 | ||
| IBM | Sterling | Sterling Control Center versions 6.4.1.x antérieures à 6.4.1.0 iFix01 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x antérieures à 6.2.1.1_2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.2.x ant\u00e9rieures \u00e0 6.4.2.0 iFix01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.0_1",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 12.10.x ant\u00e9rieures \u00e0 12.10.xC16W6",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition version 5.1 sans les correctifs de s\u00e9curit\u00e9 PH69757 et PH69729",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.5_2",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP15",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.11.9.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.3.1.x ant\u00e9rieures \u00e0 6.3.1.0 iFix07",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.10.x ant\u00e9rieures \u00e0 1.11.9.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.1.x ant\u00e9rieures \u00e0 6.4.1.0 iFix01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1_2",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-32996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32996"
},
{
"name": "CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"name": "CVE-2025-14242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14242"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2025-32421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32421"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"name": "CVE-2024-51479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2025-39933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39933"
},
{
"name": "CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-40322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-40271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
},
{
"name": "CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"name": "CVE-2025-40269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40269"
},
{
"name": "CVE-2025-55173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55173"
},
{
"name": "CVE-2025-4897",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4897"
},
{
"name": "CVE-2025-48068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48068"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2025-57752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57752"
},
{
"name": "CVE-2025-32997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32997"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2023-53552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53552"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2025-57350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57350"
},
{
"name": "CVE-2025-66453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66453"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2025-40158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40158"
},
{
"name": "CVE-2025-58457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58457"
},
{
"name": "CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2025-64775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64775"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2025-40135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40135"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2020-7660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-14031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14031"
},
{
"name": "CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"name": "CVE-2025-29927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29927"
},
{
"name": "CVE-2025-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27533"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"name": "CVE-2025-40170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2026-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1264"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-66675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66675"
},
{
"name": "CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"name": "CVE-2025-40096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40096"
},
{
"name": "CVE-2025-57352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57352"
},
{
"name": "CVE-2024-26766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-03-20T00:00:00",
"last_revision_date": "2026-03-20T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0327",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266518",
"url": "https://www.ibm.com/support/pages/node/7266518"
},
{
"published_at": "2026-03-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7263574",
"url": "https://www.ibm.com/support/pages/node/7263574"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266520",
"url": "https://www.ibm.com/support/pages/node/7266520"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266678",
"url": "https://www.ibm.com/support/pages/node/7266678"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266497",
"url": "https://www.ibm.com/support/pages/node/7266497"
},
{
"published_at": "2026-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266324",
"url": "https://www.ibm.com/support/pages/node/7266324"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266711",
"url": "https://www.ibm.com/support/pages/node/7266711"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266677",
"url": "https://www.ibm.com/support/pages/node/7266677"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266399",
"url": "https://www.ibm.com/support/pages/node/7266399"
},
{
"published_at": "2026-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266321",
"url": "https://www.ibm.com/support/pages/node/7266321"
}
]
}
CERTFR-2026-AVI-0224
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisième trimestre 2026.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Application Server versions 8.x antérieures à 8.5.5.30 | ||
| IBM | WebSphere | WebSphere Application Server - Liberty versions antérieures à 26.0.0.3 | ||
| IBM | QRadar Assistant | QRadar AI Assistant versions antérieures à 1.3.1 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.3 GA | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 IF05 | ||
| IBM | Sterling | Sterling Transformation Extender sans l'application des mesures de contournement décrites par l'éditeur | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.1.x antérieures à 6.2.1.1 GA | ||
| IBM | Db2 | Db2 mirror pour i sans les derniers correctifs de sécurité | ||
| IBM | WebSphere | WebSphere Application Server versions 9.x antérieures à 9.0.5.27 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.3 GA | ||
| IBM | Cognos Command Center | Cognos Command Center versions antérieures à 10.2.5 FP1 IF3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Application Server versions 8.x ant\u00e9rieures \u00e0 8.5.5.30",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty versions ant\u00e9rieures \u00e0 26.0.0.3",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar AI Assistant versions ant\u00e9rieures \u00e0 1.3.1",
"product": {
"name": "QRadar Assistant",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14 IF05",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender sans l\u0027application des mesures de contournement d\u00e9crites par l\u0027\u00e9diteur",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 mirror pour i sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.27",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 FP1 IF3",
"product": {
"name": "Cognos Command Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisi\u00e8me trimestre 2026.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2026-22610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
},
{
"name": "CVE-2025-66412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-66035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
},
{
"name": "CVE-2025-68664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68664"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2026-22690",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22690"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2025-69230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
},
{
"name": "CVE-2025-66019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66019"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"name": "CVE-2026-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1615"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2025-61140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61140"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-69224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2025-68480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68480"
},
{
"name": "CVE-2025-14847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14847"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2025-68615",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68615"
},
{
"name": "CVE-2026-22691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22691"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-02-27T00:00:00",
"last_revision_date": "2026-02-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0224",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261959",
"url": "https://www.ibm.com/support/pages/node/7261959"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261794",
"url": "https://www.ibm.com/support/pages/node/7261794"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261890",
"url": "https://www.ibm.com/support/pages/node/7261890"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261887",
"url": "https://www.ibm.com/support/pages/node/7261887"
},
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261935",
"url": "https://www.ibm.com/support/pages/node/7261935"
},
{
"published_at": "2026-02-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261436",
"url": "https://www.ibm.com/support/pages/node/7261436"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261774",
"url": "https://www.ibm.com/support/pages/node/7261774"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…