121 matches found
Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9
Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate...
Security Bulletin: A vulnerability in WebSphere Application Server Liberty affects IBM License Metric Tool
Summary There is a vulnerability in the WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by...
CVE-2023-43044
IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 266893...
Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9.
Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules,...
EUVD-2014-8754
Malware in sbrugna...
EUVD-2014-4697
Malware in sbrugna...
EUVD-2014-8753
Malware in sbrugna...
EUVD-2014-4695
Malware in sbrugna...
EUVD-2014-4693
Malware in sbrugna...
EUVD-2014-8751
Malware in sbrugna...
EUVD-2023-47465
Malicious code in bioql PyPI...
CVE-2025-36351
IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...
CVE-2025-36351
IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...
CVE-2025-36351 IBM License Metric Tool bypass security
IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...
CVE-2025-36352
IBM License Metric Tool (ILMT) versions 9.2.0–9.2.40 are vulnerable to stored cross-site scripting (CXS) in the Web UI, exploitable by an authenticated user and potentially leading to credentials disclosure in a trusted session. The issue is tied to IBM’s advisory and public CVE-2025-36352 record...
CVE-2025-36352 IBM License Metric Tool cross-site scripting
IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...
CVE-2025-36352 IBM License Metric Tool cross-site scripting
IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...
PT-2025-39829
Name of the Vulnerable Software and Affected Versions IBM License Metric Tool versions 9.2.0 through 9.2.40 Description An authenticated user can bypass access controls within the REST API interface, potentially leading to unauthorized actions. The issue relates to access control within the REST...
PT-2025-39830
Name of the Vulnerable Software and Affected Versions IBM License Metric Tool versions 9.2.0 through 9.2.40 Description The software is susceptible to stored cross-site scripting. An authenticated user can embed arbitrary JavaScript code within the Web UI, potentially altering functionality and...
Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9.
Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and...