BD Pyxis™ MedBank Security Vulnerabilities

Ciuis CRM 1.0.8 Add Administrator

...

Aures Booking And POS Terminal Local Privilege Escalation

...

Dooblou WiFi File Explorer 1.13.3 Cross Site Scripting

...

Microsoft Inspire: Partner resources to prepare for the future of security with AI

Cybersecurity is one of the most pressing challenges of our time. With an ever-changing threat landscape and siloed data across multiple security point solutions, defenders have limited visibility. It’s difficult to stay current and find cybersecurity professionals amid the global talent shortage.....

Security Bulletin: Multiple Vulnerabilities in IBM Sterling Connect:Direct Browser User Interface due to Java and Eclipse

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0 and Eclipse Openj9. IBM Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle...

Aures Booking & POS Terminal - Local Privilege Escalation

...

PaulPrinting CMS - (Search Delivery) Cross Site Vulnerability

...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2023) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details ** CVEID: CVE-2023-21967 DESCRIPTION: **An...

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION:.....

Security Bulletin: IBM® Db2® with Federated configuration is vulnerable to arbitrary code execution. (CVE-2023-35012)

Summary IBM® Db2® with Federated configuration is vulnerable to arbitrary code execution as Db2 instance owner. Vulnerability Details ** CVEID: CVE-2023-35012 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) with a Federated configuration is vulnerable to a...

Security Bulletin: IBM® Db2® federated server is vulnerable to a denial of service when using a specially crafted wrapper using certain options. (CVE-2023-30442)

Summary IBM® Db2® federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. Vulnerability Details ** CVEID: CVE-2023-30442 DESCRIPTION: **IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) federated...

Security Bulletin: IBM® Db2® JDBC driver is vulnerable to remote code execution. (CVE-2023-27869, CVE-2023-27867, CVE-2023-27868)

Summary IBM® Db2® JDBC driver is vulnerable to multiple remote code execution issues. These vulnerabilties are addressed. Vulnerability Details ** CVEID: CVE-2023-27869 DESCRIPTION: **IBM Db2 JDBC Driver could allow a remote authenticated attacker to execute arbitrary code on the system, caused...

CVE-2023-20575

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive...

AMD SEV VM Power Side Channel Security Bulletin

Bulletin ID:AMD-SB-3004 Potential Impact:Information disclosure Severity:Low Summary Researchers have reported a potential power side-channel attack using the Running Average Power Limit (RAPL) interface on AMD SEV VMs. The researchers focused only on the first generation of AMD SEV technology and....

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to...

Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to multiple vulnerabilities due to IBM Java

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. IBM Sterling Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...

2023.2 IPU – BIOS Advisory

Summary: Potential security vulnerabilities in BIOS firmware for some Intel® Processors may allow escalation of privilege and information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-33894 Description: Improper.....

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Cloud due to April 2023 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. The CVE(s) listed in this document might affect some configurations of Liberty for Java for IBM Cloud. These products have addressed the applicable CVE(s). If...

Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability

...

Security Bulletin: Multiple CVEs may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced

Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple CVEs may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard

Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Apr 2023. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in...

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

...

Citrix Gateway And Cloud MFA Insufficient Session Validation

...

Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects IBM WebSphere Application Server April 2023 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM® Java SDK...

Security Bulletin: Multiple vulnerabilities of Apache Ant (ant-1.7.0.jar, ant-1.8.4.jar) have affected APM JBoss, APM WebLogic and APM SAP NetWeaver Java™ Stack Agents.

Summary APM JBoss, APM WebLogic and APM SAP NetWeaver Java™ Stack Agents are vulnerable to Apache Ant(ant-1.7.0.jar, ant-1.8.4.jar) CVE-2021-36373, CVE-2020-1945, CVE-2012-2098, CVE-2020-11979, CVE-2021-36374. The fix includes ant jar upgraded to ant-1.10.13.jar. Vulnerability Details ** CVEID:...

Citrix Gateway&Cloud MFA - Session Validation Vulnerability

...

Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities

...

Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

...

Citrix Gateway & Cloud - Session Validation Vulnerability

...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects TPF Toolkit

Summary A vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ that is used by TPF Toolkit has been addressed. Vulnerability Details ** CVEID: CVE-2023-21967 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related...

Security Bulletin: NVIDIA DGX A100 and DGX A800 - June 2023

NVIDIA has released a firmware security update for the NVIDIA DGX™ A100 system and the NVIDIA DGX A800 system. This update addresses issues that may lead to code execution, denial of service, data tampering, escalation of privileges, and information disclosure. To protect your system, download and....

Security Bulletin: Multiple vulnerabilities may affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix updates the Java Runtime Environment to resolve the following vulnerabilities. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An...

Security Bulletin: IBM OpenPages with Watson has addressed a IBM SDK, Java Technology Edition (CVE-2023-30441)

Summary IBM OpenPages with Watson has addressed sensitive information exposure vulnerability caused by CVE-2023-30441. There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM OpenPages with Watson. The CVE(s) listed in this document might affect some...

Security Bulletin: NVIDIA CUDA Toolkit - June 2023

NVIDIA has released a software update for NVIDIA® CUDA® Toolkit software. This update addresses security issues that may lead to partial denial of service. To protect your system, download and install this software update from the CUDA Toolkit Downloads page. Go to NVIDIA Product Security. Details....

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (CVE-2018-3180, CVE-2018-3139)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in October 2018. ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in July 2018. ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (CVE-2018-2783, CVE-2018-2800, CVE-2018-2790).

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2018. ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in October...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in January...

Security Bulletin: CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard

Summary CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could...

Security Bulletin: CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced

Summary CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could...

Security Bulletin: CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard

Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE related to the...

Security Bulletin: CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced

Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE related to the...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (CVE-2023-21830, CVE-2023-21843)

Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable issues: CVE-2023-21830, CVE-2023-21843. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified...

Security Bulletin: Security vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact (CVE-2023-21830, CVE-2023-21843)

Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues: CVE-2023-21830, CVE-2023-21843. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Tivoli Business Service Manager (CVE-2022-21426)

Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable issue, CVE-2022-21426. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE.....

Security Bulletin: A security vulnerability in IBM Java SDK affects IBM Tivoli Netcool Impact (CVE-2022-21426)

Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issue, CVE-2022-21426. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP.....