EUVD-2017-10729

Malware in sbrugna...

EUVD-2016-3940

Malware in sbrugna...

EUVD-2017-10447

Malware in sbrugna...

Security Bulletin: Potential security exposure when using IBM® InfoSphere® Streams due to vulnerabilities in IBM Java™ SE Version 6 SDK.

Abstract IBM InfoSphere Streams makes use of IBM Java SE Version 6 SR12 SDK. Potential security exposures exist in IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK. Content VULNERABILITY DETAILS: CVE-2013-0440, CVE-2013-0443 DESCRIPTION: Vulnerabilities in the IBM Java S...

Security Bulletin: Potential security exposure when using IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK.

Abstract IBM InfoSphere Streams makes use of IBM Java SE Version Version 6 SDK. Potential security exposures exist in IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK. Content VULNERABILITYDETAILS: CVE-2012-1718, CVE-2012-3143, CVE-2012-3159, CVE-2012-5081 DESCRIPTION:...

Security Bulletin: The embedded help system in IBM InfoSphere Streams contains a potential vulnerability (CVE-2013-0599)

Abstract The embedded help system in IBM InfoSphere Streams has a potential vulnerability where sensitive information about the help system’s implementation is disclosed. Content VULNERABILITY DETAILS: CVE ID:CVE-2013-059 9 CVSS: CVSS Base Score: 5.0 CVSS Temporal Score: See...

CVE-2017-1713

IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134632...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty which may impact IBM Streams (CVE-2017-1681)

Summary IBM WebSphere Application Server WAS Liberty profile is shipped as a component of IBM Streams. Information about a security vulnerabilities affecting WAS Liberty profile has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-1681 DESCRIPTION: IBM WebSphere...

Security Bulletin: IBM Streams may be affected by XMLsoft Libxml2 vulnerabilities

Summary The libxml2 library, used by IBM Streams may have security vulnerabilities. IBM Streams has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2015-8806 Description: Libxml2 is vulnerable to a denial of service, caused by a heap-buffer overread in dict.c. By persuading a vict...

Security Bulletin: Multiple vulnerabilities in XMLsoft Libxml2 affect IBM Streams

Summary There are multiple vulnerabilities in Libxml2 library used by IBM Streams. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVE-ID: CVE-2016-2073 Description: libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the...

Security Bulletin: A Vulnerability in IBM Java SDK affects IBM Streams (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refresh 11 used by IBM Streams. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecified vulnerability ...

Security Bulletin: A vulnerability in the instance runAsUser function was found in IBM InfoSphere Streams (CVE-2016-2867)

Summary There is a potential vulnerability in IBM InfoSphere Streams when the instance runAsUser property is set. IBM InfoSphere Streams has addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-2867 DESCRIPTION: In certain supported configurations of IBM InfoSphere Streams, setting...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Streams (CVE-2016-0466, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refresh 2 Fix Pack 11 and earlier releases, Version 7R1 Service Refresh 3 Fix Pack 31 and earlier releases, and Version 6 Service Refresh 16 Fix Pack 21 and earlier releases. If you run your own Jav...

Security Bulletin: Vulnerability in libxml2 affects IBM InfoSphere Streams. (CVE-2015-8710)

Summary There is a vulnerability in libxml2 that is used by IBM InfoSphere Streams. IBM InfoSphere Streams has addressed this vulnerability. Vulnerability Details CVE-ID: CVE-2015-8710 Description: Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing...

Security Bulletin: Vulnerability in libxml2 affects IBM InfoSphere Streams. (CVE-2015-8317)

Summary There is a vulnerability in libxml2 that is used by IBM InfoSphere Streams. IBM InfoSphere Streams has addressed this vulnerability. Vulnerability Details CVE-ID: CVE-2015-8317 Description: libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

Security Bulletin: IBM InfoSphere Streams update of IBM® SDK Java™ Technology Edition (CVE-2016-0363, CVE-2016-0376)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refresh 2 Fix Pack 11 and earlier releases, Version 7R1 Service Refresh 3 Fix Pack 31 and earlier releases, and Version 6 Service Refresh 16 Fix Pack 21 and earlier releases provided with IBM...

Security Bulletin: A vulnerability in XML processing affects IBM InfoSphere Streams (CVE-2015-1819)

Summary IBM InfoSphere Streams may be vulnerable to a denial of service attack due to the use of Libxml2 CVE-2015-1819 Vulnerability Details CVEID:CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the xmlreader...

CVE-2017-1431

IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632...

CVE-2016-2867

IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors...

Oracle Java SE CVE-2013-5838 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 7u25, Java SE Embedded 7u25 Technologies...