11 matches found
Security Bulletin: IBM MQ Blockchain bridge is vulnerable to an issue identified in snakeyaml (CVE-2022-25857)
Summary An issue was identified with the snakeyaml package that is used by the fabric gateway package that is used by the IBM MQ Blockchain bridge package to provide Blockchain functionality in IBM MQ. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is...
Security Bulletin: An issue was identified in IBM WebSphere Application Server Liberty that IBM MQ ships (CVE-2022-34165)
Summary An issue was identified in IBM WebSphere Application Server Liberty that IBM MQ ships to provide MQ Console and MQ REST API functionality. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server...
Security Bulletin: An issue was identified with IBM® Runtime Environment Java™ Technology Edition, Version 8 supplied by IBM MQ (CVE-2021-2163)
Summary An issue was identified with IBM® Runtime Environment Java™ Technology Edition, Versions 7 and 8 supplied by IBM MQ versions. The IBM® Runtime Environment Java™ Technology Edition, Version 8 is used for Java Client, JMS Client, AMQP, MQTT, Blockchain Bridge, Salesforce Bridge, Java AMS, M...
Security Bulletin: IBM MQ Appliance is vulnerable to cross-site request forgery (CVE-2022-31773)
Summary IBM MQ Appliance has resolved a cross-site request forgery vulnerability. Vulnerability Details CVEID:CVE-2022-31773 DESCRIPTION: IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthoriz...
Security Bulletin: IBM MQ Appliance is affected by a Kernel vulnerability (CVE-2020-25705)
Summary IBM MQ Appliance has resolved a Kernel vulnerability. Vulnerability Details CVEID:CVE-2020-25705 DESCRIPTION: Linux Kernel could allow a remote attacker to bypass security restrictions, caused by a flaw in the way reply ICMP packets are limited. By sending a specially-crafted request, an...
Security Bulletin: IBM MQ Blockchain bridge dependencies are vulnerable to issues in SnakeYAML (CVE-2022-38749, CVE-2022-38750, CVE-2022-38751 & CVE-2022-38752)
Summary A denial of service issue was identified within SnakeYAML that is used by Fabric Gateway. Fabric Gateway is used by the IBM MQ blockchain bridge component of IBM MQ to provide connection capability between IBM MQ queue managers and Hyperledger Fabric. Vulnerability Details...
Oracle Database Server Multiple Vulnerabilities (Oct 2006)
Oracle database is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:databaseserver";...
CVE-2007-2110
Unspecified vulnerability in the Core RDBMS component for Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.4 on Windows systems has unknown impact and attack vectors, aka DB03. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB03 occurs because RDBMS uses a NULL Discretionary Acce...
Buffer overflow
Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the "mig utility."...
CVE-2006-5345
Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 i...
CVE-2006-0272
CVE-2006-0272 affects Oracle Database Server’s XML Database (XML DB) component, specifically the DBMS_XMLSCHEMA package family. The issue is a buffer overflow in DBMS_XMLSCHEMA.GENERATESCHEMA (and GENERATESCHEMA_INT) caused by insufficient validation of input arguments. A remote attacker with val...