6 matches found
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by OS Command Injection vulnerability (CVE-2016-0236)
Summary IBM Security Guardium Database Activity Monitor could allow an authenticated attacker to injection commands into the search field that will be executed as root. Vulnerability Details CVEID: CVE-2016-0236 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow an...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL (Multiple CVEs)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3642 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: Optimizer component could allow an authenticated attacker to cause a deni...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by OpenSource LibXML2 and LibXML Vulnerability (CVE-2015-7942 CVE-2015-8241 CVE-2015-8242)
Summary libxml2 is vulnerable to a stack-based buffer overflow, denial of service and a buffer overflow Vulnerability Details CVEID: CVE-2015-8242 DESCRIPTION: libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in...
Information disclosure
IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. IBM X-Force ID: 110328...
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...
IBM Security Guardium Database Activity Monitor Local Command Injection Vulnerability
IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. A local command injection vulnerability exists in IBM Security Guardiu...