150 matches found
CVE-2019-4516
CVE-2019-4516 affects IBM Security Key Lifecycle Manager (SKLM) v3.0 through v3.0.0.3 and v3.0.1 through v3.0.1.2. The vulnerability arises from the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Mitigation provided by ...
SUSE CVE-2016-8880
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-4516
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...
CVE-2022-4516
A flaw was found in OpenShift kube-apiserver. This flaw allows a user to exec into a pod for which they do not have permission, resulting in a loss of confidentiality and integrity...
Security Bulletin: Cross-site scripting vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4516
Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack. Vulnerability Details CVEID: CVE-2020-4516 DESCRIPTION: IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to cross-site scripting. This...
Ubuntu: Security Advisory (USN-4516-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : GnuPG vulnerability (USN-4516-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4516-1 advisory. It was discovered that GnuPG signatures could be forged when the SHA-1 algorithm is being used. This update removes validating signatures based on SHA-1 that were...
CVE-2020-4516
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
CVE-2020-4516
CVE-2020-4516 affects IBM BPM (8.5, 8.6) and IBM Business Automation Workflow (18.0, 19.0, 20.0). Root cause: cross-site scripting due to improper input neutralization in the Web UI, enabling attackers to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. A...
Debian: Security Advisory (DSA-4516-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4516-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. C Tenable Network Security, Inc. The...
CVE-2017-4516
CVE-2017-4516 is rejected/not used according to the Initial Description.
CVE-2017-4516
...
CVE-2016-8880
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
UBUNTU-CVE-2016-8880
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2016-8880
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usag...
CVE-2016-4516
CVE-2016-4516 affects ABB PCM600 (pre-2.7) where the main application password is stored insecurely after a change, allowing local attackers with access to obtain the password from the configuration/file storage. Multiple sources (NVD/NIST, ICS-CERT advisory ICSA-16-152-02, CNVD/CVEs, and Positiv...
CVE-2013-4516
The mpgetcount function in drivers/staging/sb105x/sbpcimp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...
[slackware-security] jasper
New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/jasper-1.900.1-i486-4slack14.1.txz: Rebuilt. Applied many security and bug fixes. Thanks to Heinz Wiesinger...