EUVD-2015-5059

Malware in sbrugna...

Security Bulletin: IBM Emptoris Contract Management is vulnerable to unspecified vulnerability due to Oracle Database Server (CVE-2021-35576)

Summary IBM Emptoris Contract Management supports usage of Oracle Database Server as a backend application database. Oracle Database Server is vulnerable to unspecified vulnerabilities that has been addressed. Vulnerability Details CVEID: CVE-2021-35576 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35558)

Summary IBM Emptoris Contract Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35619)

Summary An Oracle database server vulnerability affects IBM Emptoris Contract Management. The issue has been addressed. Vulnerability Details CVEID: CVE-2021-35619 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2335)

Summary An Oracle database server vulnerability was addressed by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2335 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2334)

Summary An Oracle database server vulnerability has been addressed in IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2334 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow ...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2336)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2336 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2438)

Summary An Oracle Database Server security vulnerability has been addressed in IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2438 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated attacker to...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2329)

Summary An Oracle database server vulnerability has been addressed by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2329 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the XML DB component could allow an authenticated attacker to take...

Security Bulletin: Multiple IBM Db2 Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple IBM Db2 Server vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-20579 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL...

Security Bulletin: IBM Db2 Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-29702)

Summary An IBM Db2 Server vulnerability affects IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-29702 DESCRIPTION: Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2207)

Summary An Oracle database server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an...

Security Bulletin: Multiple IBM DB2 Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple IBM DB2 server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2020-4701 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated...

CVE-2020-4892

IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190979...

CVE-2020-4892

IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190979...

Information disclosure

IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...

Cross site scripting

IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190979...

IBM Emptoris Contract Management 跨站脚本漏洞

IBM Emptoris Contract Management is a web-based contract management software for managing and maintaining legal contracts between parties. A cross-site scripting vulnerability exists in IBM Emptoris Contract Management 10.1.3. An attacker can exploit this vulnerability to embed arbitrary JavaScri...