Security Bulletin: Multiple IBM Db2 Server Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple IBM Db2 Server vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-20579 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL...
Security Bulletin: IBM Db2 Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-29702)
Summary An IBM Db2 Server vulnerability affects IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-29702 DESCRIPTION: Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when...
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow ...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-2207)
Summary An Oracle database server security vulnerability affects IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an...
SQL Injection Vulnerability in iDS Networked Digital Signage Management System of Shenzhen Bright Diamond Technology Co.
iDS Networked Digital Signage Management System is a kind of digital signage management system that can be used for program management and terminal management. iDS Networked Digital Signage Management System of Shenzhen Bright Diamond Technology Co., Ltd. suffers from SQL injection vulnerability,...
Security Bulletin: IBM DB2 Server Vulnerabilities Affect IBM Emptoris Program Management
Summary IBM DB2 Server Vulnerabilities Affect IBM Emptoris Program Management Vulnerability Details CVEID: CVE-2020-5025 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple Oracle Database server security vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2045 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Text component could allow an authenticated attacker to cause ...
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated attack...
Cross-site request forgery (CSRF)
IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191942...
CVE-2020-4942
CVE-2020-4942 affects IBM Curam Social Program Management (Curam SPM) 7.0.9 and 7.0.11. The vulnerability is a cross-site request forgery (CSRF) that can cause a user’s trusted session to perform malicious actions via the site’s REST logout functionality. The public details identify the affected ...
CVE-2020-4942
IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191942...
Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Program Management (CVE-2020-11023, CVE-2020-11022)
Summary jQuery security vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management Vulnerability Details CVEID: CVE-2020-2968 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated attacker to take...
IBM Cúram Social Program Management Denial of Service Vulnerability (CNVD-2020-59031)
IBM Cúram Social Program Management SPM is a suite of social program management solutions from IBM in the United States that support the end-to-end social program delivery process. A denial of service vulnerability exists in IBM Cúram Social Program Management versions 7.0.9.0 and 7.0.10.0. The...
CVE-2020-4779
An HTTP verb tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...
CVE-2020-4778
IBM Curam Social Program Management 7.0.9 and 7.0.10 uses the MD5 algorithm for hashing a token in a single instance, which is less safe than the default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...
CVE-2020-4781
Improper input validation before calling the Java readLine method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service. IBM X-Force ID: 189159...