409 matches found
Fedora: Security Advisory for gstreamer1-plugins-bad-free (FEDORA-2023-6a4aea6d13)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.
Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...
Code injection
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...
CVE-2022-42451
CVE-2022-42451 affects HCL BigFix Patch Management, specifically the Download Plug-ins, where certain credentials are stored insecurely. This could allow a local privileged user to access sensitive credentials, consistent with a Local, Low-Complexity exposure (CVSS v3.1: base score ~4.4–4.6, Conf...
PT-2023-14116 · Ibm · Bigfix Patch Management
Name of the Vulnerable Software and Affected Versions: BigFix Patch Management affected versions not specified Description: The issue concerns certain credentials within the BigFix Patch Management Download Plug-ins being stored insecurely. This could potentially expose them to a local privileged...
CVE-2023-4570
An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...
CVE-2023-4570
CVE-2023-4570 describes an improper access restriction in NI MeasurementLink Python services that permits an attacker on an adjacent network to reach services exposed on localhost, previously believed to be unreachable externally. Affected component: ni-measurementlink-service Python package (ver...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2022-39161)
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. IBM WebSphere Application Server Liberty is vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server...
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)
Summary When WebSphere Application Server traditional is used with the optionally installed Web Server Plug-ins component, the lack of hostname verification with the Web Plugins could allow an authenticated attacker to conduct spoofing attacks. A man in the middle attacker could conduct an exploi...
ChatGPT Has a Plug-In Problem
Third-party plug-ins boost ChatGPT’s capabilities. But security researchers say they add an extra layer of risk...
Build Numbers and Versions of Veeam Plug-ins for Enterprise Applications
Plug-In Download The latest version of all Plug-Ins for Enterprise Applications can be found at the bottom of the My Products page within the My Portal, in the Application Plug-Ins under Additional downloads. View by Plug-in Build Number View by Veeam Backup & Replication Release This table lists...
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to spoofing - CVE-2022-39161
Summary IBM WebSphere Application Server Liberty are vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addresse...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2023-35890)
Summary WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting WebSphere Application when using Web Server Plug-ins has been published in a security bulletin...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins
Summary The security issue described in CVE-2022-39161 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to spoofing when using Web Server Plug-ins
Summary IBM Security Verify Governance uses IBM WebSphere Application Server .The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-39161)
Summary IBM WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting IBM WebSphere Application Server when using Web Server Plug-ins has been published in a security...
CVE-2022-39161
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could...
Spoofing
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could...
Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)
Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. This has been addressed in the remediation section. Vulnerability Detail...
Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)
Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to spoofing when using Web Server Plug-ins CVE-2022-39161 Vulnerability Details Refer to the security bulletins listed in the...