EUVD-2016-10493

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by IBM WebSphere Cast Iron & App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in October 2020. IBM WebSphere Cast Iron & App Connect Professional have addressed the...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Open Source vulnerabilities

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the open source vulnerabilities. Vulnerability Details CVEID: CVE-2019-9824 DESCRIPTION: tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Open Source vulnerabilities

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the reported open source vulnerabilities. Vulnerability Details CVEID: CVE-2019-3863 DESCRIPTION: A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2016-8735, CVE-2016-6816)

Summary There are vulnerabilities CVE-2016-8735, CVE-2016-6816 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-8735 DESCRIPTION: Apache Tomcat could allow a remote attacker t...

PT-2019-16922 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 7.1.0.0 through 7.1.0.9 IBM MQ versions 7.5.0.0 through 7.5.0.9 IBM MQ versions 8.0.0.0 through 8.0.0.11 IBM MQ versions 9.0.0.0 through 9.0.0.6 IBM MQ versions 9.1.0.0 through 9.1.0.2 IBM MQ versions 9.1.1 through 9.1.2...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2018-11784, CVE-2018-8034)

Summary IBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v7. Vulnerability Details CVEID: CVE-2018-11784 DESCRIPTION: Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the...

Security Bulletin: IBM DataPower Gateway is affected by a CSRF vulnerability (CVE-2018-1661)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-1661 Vulnerability Details CVEID: CVE-2018-1661 DESCRIPTION: IBM DataPower Gateways is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted...

Security Bulletin: IBM DataPower Gateway is affected by a Denial of Service vulnerability (CVE-2018-12115)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-12115 Vulnerability Details CVEID: CVE-2018-12115 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bounds write in Buffer. An attacker could exploit this vulnerability to write to memor...

Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2016-8934)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability...

CVE-2016-9691

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory...

Xxe

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory...

CVE-2016-9691

CVE-2016-9691—IBM WebSphere Cast Iron Solution : Affected products are WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0. The flaw is an XML External Entity (XXE) vulnerability in XML data processing, enabling a remote attacker to cause a denial of service and potentially expose sensitive informatio...

CVE-2016-9692

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to...

CVE-2005-0081

MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service crash via an HTTP request with invalid headers...