CVE-2025-3354
published 2025-08-06CVE-2025-3354: IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | tivoli_monitoring | — | — |
| ibm | tivoli_monitoring | 6.3.0.7 – 6.3.0.7 SP20 | — |
| msrc | azl3_qemu_6.2.0-18_on_azure_linux_3.0 | — | — |
| msrc | azl3_qemu_8.2.0-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_qemu_6.2.0-19_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |