145 matches found
Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Application Performance Management products
Summary Multiple vulnerabilities in jackson-databind-2 used by IBM Application Performance Management. The vulnerabilites below have been addressed. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based...
Security Bulletin: Multiple vulnerabilities in libthrift affect IBM Application Performance Management products
Summary libthrift jar is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2018-1320 DESCRIPTION: Apache Thrift could allow a remote attacker to bypass security restrictions, caused by the disablement of an assert used to determine if the SASL handshake had...
Security Bulletin: Multiple vulnerabilities in Lightbend Spray spray-json affect IBM Application Performance Management products.
Summary Lightbend Spray spray-json is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2018-18854 DESCRIPTION: Lightbend Spray spray-json is vulnerable to a denial of service, caused by an error during the parsing of many JSON object fields. By sending a...
Security Bulletin: Multiple vulnerabilities in Apache Batik affect IBM Application Performance Management products
Summary Apache Batik is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2022-40146 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by a flaw in the DefaultScriptSecurity function. By sending a specially-crafted request, an attacker...
Security Bulletin: Multiple vulnerabilities in Apache Xerces2 Java XML Parser affect IBM Application Performance Management products
Summary Apache Xerces2 Java XML Parser is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2022-23437 DESCRIPTION: Apache Xerces2 Java XML Parser is vulnerable to a denial of service, caused by an infinite loop in the XML parser. By persuading a victim to open a...
Security Bulletin: Vulnerabilities in IBM DB2 affects IBM Application Performance Management products.
Summary IBM DB2 is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2023-29257 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may...
Security Bulletin: Multiple vulnerabilities in Apache Commons IO affect IBM Application Performance Management products
Summary Apache Commons IO is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Application Performance Management products
Summary IBM Java SDK is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws...
Security Bulletin: Vulnerabilities in IBM Websphere Application Server affects IBM Application Performance Management.
Summary IBM Websphere Application Server - Liberty is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated...
Security Bulletin: Multiple vulnerabilities in ivy-2.4.0.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in ivy-2.4.0.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37865 DESCRIPTION: Apache Ivy could allow a local authenticated attacker to...
Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in hadoop-hdfs-2.7.3.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service,...
Security Bulletin: Multiple vulnerabilities in scala-compiler-2.11.8.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in scala-compiler-2.11.8.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-15288 DESCRIPTION: Scala could allow a local authenticated attacke...
Security Bulletin: Multiple vulnerabilities in pmml-model-1.2.15.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in pmml-model-1.2.15.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 234344 DESCRIPTION: Java PMML JPMML-Model is vulnerable to an XML...
Security Bulletin: Multiple vulnerabilities in guava-14.0.1.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in guava-14.0.1.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, cause...
Security Bulletin: Multiple vulnerabilities in commons-codec-1.10.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in commons-codec-1.10.jar used by IBM Application Performance Management. IBM Applicatoon Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...
Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects APM Agents for Monitoring
Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. This effects all IBM Cloud Application Performance Management agents, all versions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2021-45346)
Summary A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring RRT Agent (CVE-2021-45346)
Summary A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has fixed vulnerabilities in the following products: Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute attacks that result in the following...
CVE-2021-22514
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM...