Lucene search
+L

169 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 4:10 p.m.57 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by ITNCM. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part of the IBM Java...

4.3CVSS0.8AI score0.99999EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/09 12:0 a.m.28 views

Puppet Enterprise 2018.x < 2018.1.1 Code Execution Vulnerability

According to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2018.1.1. It is, therefore, affected by a code execution vulnerability when upgrading the pe-razor-server component. C Tenable Network Security, Inc. include"compat.inc"; if...

9.8CVSS9AI score0.01942EPSS
Exploits0References2
NVD
NVD
added 2019/05/14 3:29 p.m.20 views

CVE-2019-6512

An issue was discovered in WSO2 API Manager 2.6.0. It is possible to force the application to perform requests to the internal workstation SSRF port-scanning, other adjacent workstations SSRF network scanning, or to enumerate files because of the existence of the file:// wrapper...

4.1CVSS4.5AI score0.01116EPSS
Exploits0References3
CVE
CVE
added 2019/05/14 2:24 p.m.49 views

CVE-2019-6512

WSO2 API Manager 2.6.0 is affected by an SSRF issue that can force the application to access internal resources via the file:// wrapper, enabling requests to internal/workstation hosts (port-scanning), neighboring systems (network scanning), or file enumeration. The root cause is the presence of ...

4.1CVSS4.4AI score0.01116EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/05/14 2:24 p.m.26 views

CVE-2019-6512

An issue was discovered in WSO2 API Manager 2.6.0. It is possible to force the application to perform requests to the internal workstation SSRF port-scanning, other adjacent workstations SSRF network scanning, or to enumerate files because of the existence of the file:// wrapper...

4.5AI score0.01116EPSS
Exploits0References3
Veracode
Veracode
added 2019/05/02 5:12 a.m.50 views

Privilege Escalation

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

6.8CVSS4.7AI score0.04102EPSS
Exploits0References32Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:10 a.m.44 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM) (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.6 and 1.7 that is used by IBM Flex System Manager FSM. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were...

10CVSS1AI score0.99999EPSS
Exploits7
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:55 a.m.34 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (CVE-2014-3566, CVE-2014-6512, CVE-2014-6457 CVE-2015-0410, CVE-2015-6593)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM System Networking Switch Center. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerabilityCVE-2014-3566. These were disclosed as part of th...

5CVSS1.4AI score0.99999EPSS
Exploits12
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.36 views

Security Bulletin: Vulnerability in SSLv3 and multiple vulnerabilities in IBM Java Runtime affect IBM Systems Director (CVE-2014-6512, CVE-2014-6457 and CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 Service Refresh 7 Fix Pack 1 and earlier releases that is used by affect IBM Systems Director. This also includes a fix for the Padding Oracle On DowngradedLegacy Encryption POODLE SSLv3...

4.3CVSS0.6AI score0.99999EPSS
Exploits7
NVD
NVD
added 2019/01/24 4:29 a.m.22 views

CVE-2018-17660

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.03918EPSS
Exploits0References2
CVE
CVE
added 2019/01/24 4:0 a.m.53 views

CVE-2018-17660

CVE-2018-17660 affects Foxit Reader 9.2.0.9297 on Windows. The flaw resides in the resetData method of a Host object, failing to validate the existence of an object before performing operations, which can allow an attacker to execute arbitrary code in the current process. The vulnerability requir...

8.8CVSS7.8AI score0.03918EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.37 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2014 & January 2015

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, IBM SDK Java Technology Edition, Version 6, and IBM SDK Java 2 Technology Edition, Version 5 that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updat...

5CVSS1.3AI score0.99999EPSS
Exploits12Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:23 p.m.31 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System (CVE-2014-6512, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Security SiteProtector System. These issues were disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVEID: CVE-2014-6512 DESCRIPTION: An...

4.3CVSS1.3AI score0.03422EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.33 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3065)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVEID:CVE-2014-6512 DESCRIPTION:An...

6.9CVSS1.5AI score0.03422EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:2 a.m.36 views

Security Bulletin: Multiple vulnerabilities in IBM SDK for Java Technology Edition affect WebSphere Dynamic Process Edition (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM® SDK for Java™ Technology Edition that is used by WebSphere Dynamic Process Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues were disclosed as part of t...

4.3CVSS6.5AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:2 a.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM SDK for Java Technology Edition affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM SDK for Java Technology Edition that is used by IBM Business Process Manager and WebSphere Lombardi Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues wer...

4.3CVSS0.4AI score0.99999EPSS
Exploits7Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.34 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server October 2014 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues were disclosed as part of t...

10CVSS0.8AI score0.99999EPSS
Exploits8Affected Software1
CVE
CVE
added 2018/06/11 8:0 p.m.57 views

CVE-2018-6512

CVE-2018-6512 affects Puppet Enterprise 2018.1.x prior to 2018.1.1 and razor-server/pe-razor-server prior to 1.9.0.0, enabling unsafe code execution when upgrading pe-razor-server. Connected sources confirm affected versions and components. Exploitation status is not specified in the documents. R...

9.8CVSS9.7AI score0.01942EPSS
Exploits0References1Affected Software3
Ubuntu
Ubuntu
added 2018/04/17 9:0 p.m.71 views

USN-3625-2: Perl vulnerabilities

USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a...

9.8CVSS7.5AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/04/16 12:47 p.m.80 views

USN-3625-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...

9.8CVSS7.4AI score0.10866EPSS
Exploits1
Rows per page
Query Builder