CVE-2026-6264

CVE-2026-6264 affects Talend JobServer and Talend Runtime. An unauthenticated remote code execution is possible via the JMX monitoring port on the JobServer. For mitigation: enable TLS client authentication on the JobServer’s JMX monitoring port and apply the patch for full protection. On Talend ...

WSO2多款产品 安全漏洞

WSO2 API Manager is an API lifecycle management solution, WSO2 API Manager Analytics is an analytics component, and WSO2 API Control Plane is a control panel. A security vulnerability exists in a number of WSO2 products. The vulnerability stems from insufficient enforcement of permissions in the...

EUVD-2010-2483

Malware in sbrugna...

Security Bulletin: Vulnerability in jjwt may affect IBM Business Automation Workflow - CVE-2024-31033

Summary IBM Business Automation Workflow packages a vulnerable copy of jjwt. Vulnerability Details CVEID:CVE-2024-31033 DESCRIPTION: An unspecified error with ignoring certain characters in jwtk JJWT aka Java JWT has an unknown impact and attack vector. CVSS Base score: 6.8 CVSS Temporal Score:...

The vulnerability of the IBM Business Automation Workflow software and the IBM Business Automation Workflow Enterprise Service Bus software platform lies in the lack of security measures for website structures. This allows attackers to execute cross-site scripting attacks.

The vulnerability of the IBM Business Automation Workflow software and the IBM Business Automation Workflow Enterprise Service Bus software platform relates to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to...

Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321

Summary IBM Business Automation Workflow is vulnerable to an information disclosure attack. Vulnerability Details CVEID:CVE-2024-38321 DESCRIPTION: IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations th...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2024-45073)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: Information disclosure vulnerabilities affect IBM Business Automation Workflow - CVE-2024-28849, CVE-2024-21501

Summary IBM Business Automation Workflow Web Process Designer is vulnerable to information disclosure attacks. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2024-22329)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2023-51775)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2023-50313)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: Cross-Site scripting vulnerability in ESAPI may affect IBM Business Automation Workflow - IBM X-Force ID: 273485

Summary IBM Business Automation Workflow is vulnerable to a Cross-Site scripting attack. Vulnerability Details IBM X-Force ID: 273485 DESCRIPTION: Enterprise Security API for Java is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

Security Bulletin: Information disclosure vulnerability in IBM WebSphere Application Server Liberty affect IBM Business Automation Workflow - CVE-2023-44483

Summary IBM WebSphere Application Server Liberty is shipped as a component of IBM Business Automation Workflow for User Management Services and Process Federation Server. IBM WebSphere Applciation Server Liberty is also the basis for containerized IBM Business Automation Workflow. A security...

Security Bulletin: Reflected cross-site scripting vulnerability affects IBM Business Automation Workflow - CVE-2023-50947

Summary IBM Business Automation Workflow is vulnerable to a reflected cross-site scripting attack. Vulnerability Details CVEID:CVE-2023-50947 DESCRIPTION: IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in...

Security Bulletin: Information leakage vulnerability affect IBM Business Automation Workflow - CVE-2023-40691

Summary IBM Business Automation Workflow is vulnerable to an information leakage attack. Vulnerability Details CVEID:CVE-2023-40691 DESCRIPTION: IBM Business Automation Workflow may reveal sensitive information contained in application configuration to developer and administrator users. CVSS Base...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server Liberty profile shipped with IBM Business Automation Workflow CVE-2023-38737)

Summary WebSphere Application Server Liberty profile is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty profile have been published in a security bulletin. Vulnerability Details Refer to the...

Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow - CVE-2023-33858

Summary IBM Business Automation Workflow is vulnerable to a cross-site scripting attack. Vulnerability Details CVEID:CVE-2023-33858 DESCRIPTION: IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow (CVE-2023-35890)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: A security vulnerabilities has been identified in IBM WebSphere Application Server Liberty shipped with IBM Business Automation Workflow (CVE-2023-28867)

Summary WebSphere Application Server Liberty is shipped as part of IBM Business Automation Workflow containers and as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow traditional. Information abou...