94 matches found
EUVD-2020-25880
Malware in sbrugna...
EUVD-2020-25883
Malware in sbrugna...
EUVD-2020-25882
Malware in sbrugna...
EUVD-2016-6996
Malware in sbrugna...
EUVD-2019-14140
Malware in sbrugna...
EUVD-2020-26111
Malware in sbrugna...
EUVD-2021-16254
Malware in sbrugna...
EUVD-2021-7985
Malicious code in bioql PyPI...
EUVD-2021-7984
Malicious code in bioql PyPI...
EUVD-2022-4181
Malicious code in bioql PyPI...
EUVD-2021-7945
Malicious code in bioql PyPI...
Security Bulletin: IBM Resilient SOAR is vulnerable to command injection (CVE-2024-38319)
Summary It was possible for a privileged user to inject malicious commands that could be executed as another user. This issue has been addressed. Vulnerability Details CVEID:CVE-2024-38319 DESCRIPTION: IBM Security SOAR could allow an authenticated user to execute malicious code loaded from a...
SUSE CVE-2021-37939
It was discovered that Kibana's JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connecto...
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-2773)
Summary IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE. Vulnerability Details CVEID:CVE-2020-2773 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause a denial of service...
Security Bulletin: IBM Resilient Platform could allow formula injection in Excel (CVE-2020-4633)
Summary Formula injection is possible in an Excel report generated by the Resilient platform, when a field name or value begins with specific characters. Vulnerability Details CVEID:CVE-2020-4633 DESCRIPTION: IBM Resilient could allow a remote attacker to execute arbitrary code on the system,...
GHSA-HP5F-QQRW-C8GJ Kibana Sensitive Data Disclosure
It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connecto...
Kibana Sensitive Data Disclosure
It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connecto...
Security Bulletin: A dependency of ElasticSearch as used in IBM® Resilient SOAR is vulnerable to Apache Log4j (CVE-2021-44228).
Summary Apache Log4j, a dependency of ElasticSearch as used in IBM® Resilient SOAR, is vulnerable to information disclosure. Elastic Search is used by IBM® Resilient SOAR for text search. This bulletin provides a mitigation for the vulnerability. Customers are encouraged to update their systems n...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability - Underscore.js (CVE-2021-23358)
Summary IBM Security SOAR is using a component with a known vulnerability - Underscore.js CVE-2021-23358 Vulnerability Details CVEID: CVE-2021-23358 DESCRIPTION: Node.js underscore module could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the template...
CVE-2021-37939
An information disclosure flaw was found in kibana. A malicious user with the ability to create connectors could utilize the JIRA and IBM Resilient connectors to view limited HTTP response data on hosts accessible to the cluster...