136 matches found
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component.
Summary Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component. Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial o...
EUVD-2022-38520
Malicious code in bioql PyPI...
EUVD-2022-37290
Malicious code in bioql PyPI...
EUVD-2022-37303
Malicious code in bioql PyPI...
EUVD-2025-13717
Malicious code in bioql PyPI...
EUVD-2022-38521
Malicious code in bioql PyPI...
EUVD-2023-47466
Malicious code in bioql PyPI...
EUVD-2023-32187
Malicious code in bioql PyPI...
EUVD-2022-27478
Malicious code in bioql PyPI...
EUVD-2023-42497
Malicious code in bioql PyPI...
EUVD-2022-27505
Malicious code in bioql PyPI...
EUVD-2022-27504
Malicious code in bioql PyPI...
EUVD-2022-27563
Malicious code in bioql PyPI...
EUVD-2022-27562
Malicious code in bioql PyPI...
EUVD-2022-27474
Malicious code in bioql PyPI...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to FreeType Remote Code Execution Vulnerability (CVE-2025-27363)
Summary IBM Sterling Partner Engagement Manager uses FreeType has part of the package and is affected by CVE-2025-27363 for versions 2.13.0 and below. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of...
CVE-2023-23482
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch...
CVE-2023-23480
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
CVE-2023-43045
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896...
CVE-2022-35640
IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. IBM X-Force ID: 230933...