EUVD-2021-16357

Malware in sbrugna...

PT-2025-40899

Name of the Vulnerable Software and Affected Versions IBM Standards Processing Engine version 10.0.1.10 Description The software contains a flaw due to unsafe Java deserialization, which could allow a remote attacker to execute arbitrary code on the system. Exploitation involves sending specially...

Security Bulletin: IBM Transformation Extender Advanced is affected by a vulnerability in its dependencies

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable in it's dependencies on Apache Commons FileUpload Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused b...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-3183)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-0341)

Summary A missing HTTP header has been addressed in IBM 10x, which is shipped in IBM Standards Processing Engine and IBM Transformation Extender Advanced. Vulnerability Details CVEID: CVE-2016-0341 DESCRIPTION: IBM 10x could allow a malicious user to obtain highly sensitive information due to...

Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5892)

Summary IBM 10x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEID: CVE-2016-5892...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-48...

Security Bulletin: Two vulnerabilities in WAS Liberty affect IBM Transformation Extender Advanced and IBM Standards Processing Engine (CVE-2016-0378 and CVE-2016-5986)

Summary Two vulnerabilities have been found in WAS Liberty, which is shipped in IBM Transforation Extender Advanced and IBM Standards Processing Engine. IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling of exceptions...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5597)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2016. Vulnerability Details CVEID: CVE-2016-55...

Security Bulletin: Information disclosure vulnerability affects IBM Standards Processing Engine (CVE-2015-7410)

Summary IBM Standards Processing Engine is vulnerable to cookie hijacking for Web Services hosted over HTTPS protocol. Vulnerability Details CVEID: CVE-2015-7410 DESCRIPTION: Applications based on an internal IBM UI framework are vulnerable to cookie hijacking for Web Services hosted over HTTPS...

Security Bulletin: Vulnerability in Apache Commons affects IBM Standards Processing Engine (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Standards Processing Engine. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system,...

CVE-2021-29883

IBM Standards Processing Engine IBM Transformation Extender Advanced 9.0 and 10.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. T...