28 matches found
EUVD-2015-7408
Malware in sbrugna...
EUVD-2016-0351
Malware in sbrugna...
EUVD-2017-10506
Malware in sbrugna...
EUVD-2016-0352
Malware in sbrugna...
VulnCheck KEV: CVE-2015-7465
Cross-site request forgery CSRF vulnerability in Lifecycle Query Engine LQE in IBM Jazz Reporting Service JRS 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences...
IBM Jazz Reporting Service Information Disclosure Vulnerability (CNVD-2019-14395)
IBM Jazz Reporting Service JRS is a suite of applications for discovering cross-project reports from IBM USA. The program can be used in integration with IBM RationalCLM's Rational solution for managing all lifecycles of development projects. CLM users can access the reports provided by JRS in a...
Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1490)
Summary There is a security vulnerability in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2017-1490 DESCRIPTION: An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service could disclose highly sensitive information...
Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1095)
Summary There is a security vulnerability in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2017-1095 DESCRIPTION: IBM Jazz Reporting Service JRS is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1094)
Summary There is a security vulnerability in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2017-1094 DESCRIPTION: IBM Jazz Reporting Service JRS is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when...
Security Bulletin: Multiple security vulnerabilities affect the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2016-5897, CVE-2016-6039)
Summary There are multiple security vulnerabilities in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2016-5897 DESCRIPTION: IBM Jazz Reporting Service JRS is vulnerable to HTML injection. A remote attacker could inject malicious HTML code,...
Design/Logic Flaw
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619...
CVE-2015-7484
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619...
IBM Lifecycle Query Engine of Jazz Reporting Service Information Disclosure Vulnerability
IBM Lifecycle Query Engine of Jazz Reporting Service is a lifecycle query engine for Jazz Reporting Service from IBM, USA. A security vulnerability exists in IBM Lifecycle Query Engine of Jazz Reporting Service versions 6.0 through 6.0.4. An attacker could exploit the vulnerability to obtain...
CVE-2017-1490
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information...
Information disclosure
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information...
CVE-2017-1490
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information...
CVE-2017-1490
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information...
CVE-2016-0318
Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation...
CVE-2016-0318
Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation...
CVE-2016-0317
Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote attackers to conduct clickjacking attacks via unspecified vectors...