246 matches found
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test management is impacted by vulnerabilities in Eclipse Paho Java client library
Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Test management Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in commons-io library
Summary Vulnerabilities have been identified in commons-io library, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Apache-Velocity library
Summary Vulnerabilities have been identified in Apache-Velocity library, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2020-13936 DESCRIPTION: An attacker that is able to modify Velocity templates may execute arbitrary Java cod...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Eclipse IDE versions
Summary Vulnerabilities have been identified in Eclipse IDE versions before 2023-09 4.29, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE versions 2023-09 4.29 some files with xml content are...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Apache PDFBox
Summary Vulnerabilities have been identified in Apache PDFBox, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2021-27807 DESCRIPTION: A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM Engineering Test Management are affected by cross-site scripting (CVE-2025-12635)
Summary IBM WebSphere Application Server is affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the user to a malicious site. Following IBM® Engineering Lifecycle Management...
Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14923)
Summary IBM WebSphere Application Server Liberty with versions ranging 17.0.0.3 - 26.0.0.2 could provide weaker than expected security when using the Security Utility when administering security settings. Following IBM Engineering Lifecycle Management products are vulnerable to this attack, it ha...
Security Bulletin: IBM Engineering Test Management is affected by IBM WebSphere Application Server and Liberty are affected by SMTP injection(CVE-2025-7962)
Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by an SMTP injection vulnerability in the Jakarta Mail library. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this bulletin: IBM...
CVE-2021-47902
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user...
CVE-2021-47902 Testa Online Test Management System 3.4.7 - 'q' SQL Injection
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user...
EUVD-2021-34748
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user...
CVE-2021-47902
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user...
CVE-2021-47902
CVE-2021-47902 affects Testa Online Test Management System 3.4.7. A SQL injection vulnerability exists via the 'q' search parameter, enabling attackers to manipulate database queries and potentially access sensitive user or system data. The provided documents do not specify a remediation or patch...
Testa Online Test Management System SQL Injection Vulnerability
Testa Online Test Management System is an online examination software developed by the Malta-based company Testa. Version 3.4.7 of the Testa Online Test Management System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the search parameter “q”, and it may le...
Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server and WebSphere Application Server Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962)
Summary A vulnerability in javaMail-1.5, javaMail-1.6, mail-2.0, or mail-2.1 features affects IBM WebSphere Application Server Liberty 17.0.0.3 - 25.0.0.11 with specific features enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this...
Security Bulletin: IBM Engineering Test Management is affected by a denial of service due to WebSphere Application Server traditional.
Summary IBM WebSphere Application Server shipped with IBM Engineering Test Management is affected by a denial of service vulnerability CVE-2025-36099. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...
Security Bulletin: IBM Engineering Test Management bundles IBM WebSphere Application Server which could provide weaker than expected security.
Summary IBM WebSphere Application Server shipped with IBM Engineering Test Management could provide weaker than expected security for TLS connections CVE-2025-33142. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...
EUVD-2019-9289
Malware in sbrugna...
EUVD-2021-1263
Malware in sbrugna...
EUVD-2021-25371
Malware in sbrugna...