40 matches found
CVE-2023-50324
IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038...
EUVD-2013-3932
Malware in sbrugna...
EUVD-2023-55129
Malicious code in bioql PyPI...
EUVD-2024-29757
Malicious code in bioql PyPI...
CVE-2022-38707
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179...
Security Bulletin: IBM Cognos Command Center has addressed vulnerabilites
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF3 has addressed the applicable CVEs by upgrading to IBM® Semeru Java™ Version 11.0.24.0. Additionally, IBM Cognos Command Center has addressed a vulnerability th...
Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11 and Apache Commons
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache Commons Compress and Apache Commons Configuration used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF2 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries. Please...
Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF1 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries...
Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities in IBM® Semeru Java™ Version 11 and Eclipse Jetty
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 and Eclipse Jetty used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 has addressed the applicable CVEs by upgrading to IBM® Semeru JRE 11.0.20.0 CVE-2023-22049, CVE-2023-22036 and Eclipse Jetty 10.0.17...
Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities (CVE-2023-21939, CVE-2023-21967, CVE-2022-29117, XFID: 234366)
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.4 Fix Pack 1 IF19 has addressed the applicable CVEs by upgrading to IBM® Semeru JRE 11.0.19.0 CVE-2023-21939, CVE-2023-21967. The following 3rd party components used...
CVE-2022-38707
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179...
CVE-2022-38707 IBM Cognos Command Center information disclosure
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179...
PT-2023-13637 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center version 10.2.4.1 Description: The issue allows a local attacker to obtain sensitive information due to insufficient session expiration. Recommendations: For IBM Cognos Command Center version 10.2.4.1, consider...
Security Bulletin: IBM Cognos Command Center is vulnerable to a remote code execution vulnerability in Apache Commons Text (CVE-2022-42889)
Summary A remote code execution vulnerability in Apache Commons Text used by IBM Cognos Command Center was addressed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an insecure...
Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.4 Fix Pack 1 IF17 has addressed the applicable CVEs by upgrading to IBM® Semeru JRE 11.0.18.0 CVE-2022-21449, CVE-2022-21434, CVE-2022-21443, CVE-2022-21624,...
Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Version 8 CVE-2022-21248, CVE-2022-21293, CVE-2022-21294, CVE-2022-21341, CVE-2021-35578, CVE-2021-35603, CVE-2021-35550 and Eclipse Openj9 CVE-2021-41035 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.4 Fix Pa...
Security Bulletin: IBM Cognos Command Center is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)
Summary IBM Cognos Command Center is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a Spring...
Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK update for July 2021 and April 2021 as well as CVE-2020-14782 defered from October 2020 IBM Java SDK...
Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK update for April 2020 and July 2020. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An...
Security Bulletin: IBM Cognos Command Center has addressed multiple vulnerabilities (Q12021)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Cognos Command Center. This issue was disclosed as part of the IBM Java SDK updates in October 2020. IBM Command Center 10.2.4 FP1 IF14 has addressed the applicable CVE. Additionally , a vulnerability in jQue...