IBM Cloud APM 安全漏洞

IBM Cloud APM is an application performance monitoring and operations analysis platform provided by the American multinational company IBM. There are security vulnerabilities in the IBM Cloud APM Base Private 8.1.4 version and the IBM Cloud APM Advanced Private 8.1.4 version. These vulnerabilitie...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.5 update

An update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.5 serves as a replaceme...

EUVD-2023-32422

Malicious code in bioql PyPI...

CVE-2023-28787

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4...

PT-2025-2015 · Roxy-Wi · Roxy-Wi

Name of the Vulnerable Software and Affected Versions: Roxy-WI versions up to 8.1.3 Description: A critical issue has been found in Roxy-WI, affecting the action service function of the file app/modules/roxywi/roxy.py. The manipulation of the action/service argument leads to os command injection...

CVE-2024-36626

In prestashop 8.1.4, a NULL pointer dereference was identified in the mathround function within Tools.php...

PrestaShop 安全漏洞

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop version 8.1.4, which stems from a NULL pointer dereference in the...

PT-2024-27102

Name of the Vulnerable Software and Affected Versions: Prestashop version 8.1.4 Description: A NULL pointer dereference was identified in the math round function within Tools.php. Recommendations: For Prestashop version 8.1.4, consider disabling the math round function within Tools.php until a...

CVE-2024-36626

CVE-2024-36626 affects PrestaShop 8.1.4. The vulnerability is a NULL pointer dereference in the math_round function within Tools.php, as identified across multiple sources. Impact is described as potential application crash or denial of service (per Veracode) with a low availability impact in CVS...

CVE-2024-36626

In prestashop 8.1.4, a NULL pointer dereference was identified in the mathround function within Tools.php...

Path traversal

PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4, PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version 8.1.4...

PT-2024-21289 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop versions 8.1.0 through 8.1.3 Description: The issue concerns path disclosure in a JavaScript variable. A patch is available to resolve this problem. Recommendations: For PrestaShop versions 8.1.0 through 8.1.3, update to version...

PrestaShop Path Traversal Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A path traversal vulnerability exists in PrestaShop versions 8.1.0 through prior to 8.1.4, which stems from...

PT-2023-21961 · Unknown · Solid Security

Name of the Vulnerable Software and Affected Versions: Solid Security – Password, Two Factor Authentication, and Brute Force Protection versions n/a through 8.1.4 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This...

Security Bulletin: Multiple vulnerabilities in Akka affect IBM Application Performance Management products.

Summary Akka actor jar is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-1000034 DESCRIPTION: Akka could allow a remote attacker to execute arbitrary code on the system, caused by a Java...

Security Bulletin: Multiple vulnerabilities in Apache POI affect IBM Application Performance Management products

Summary Apache POI is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG...

Security Bulletin: Multiple vulnerabilities in Apache Xerces2 Java XML Parser affect IBM Application Performance Management products

Summary Apache Xerces2 Java XML Parser is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2022-23437 DESCRIPTION: Apache Xerces2 Java XML Parser is vulnerable to a denial of service, caused by an infinite loop in the XML parser. By persuading a victim to open a...

Security Bulletin: Multiple vulnerabilities in Apache Commons IO affect IBM Application Performance Management products

Summary Apache Commons IO is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An...

Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in hadoop-hdfs-2.7.3.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service,...

Security Bulletin: Multiple vulnerabilities in pmml-model-1.2.15.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in pmml-model-1.2.15.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 234344 DESCRIPTION: Java PMML JPMML-Model is vulnerable to an XML...