4195 matches found
Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential validation vulnerability (CVE-2019-4519)
Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user prevent audit log entries. Vulnerability Details CVEID:...
Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential validation vulnerability (CVE-2019-4517)
Summary Financial Transaction Manager for Digital Payments FTM DP for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Vulnerability Details CVEID: CVE-2019-4517...
The vulnerability in the arch/powerpc/kernel/process.c component of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability in the arch/powerpc/kernel/process.c component of the Linux operating system’s kernel PowerPC microprocessor architecture is related to the lack of protection for service data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and accessibility o...
Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Services v2.1.1 (CVE-2019-4732)
Summary There is vulnerability in IBM® Runtime Environment Java™ Version 7 used by Financial Transaction Manager for Corporate Services. Financial Transaction Manager for Corporate Services FTM CPS has addressed the applicable CVE.brIf you run your own Java code using the IBM Java Runtime deliver...
Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential validation vulnerability (CVE-2019-4517)
Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Vulnerability Details CVEID...
DNS Spoofing
ruby is vulnerable to DNS spoofing. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query...
Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential Cross Site Scripting vulnerability (CVE-2019-4622)
Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential cross site scripting XSS vulnerability could allow JavaScript to be executed. Vulnerability Details CVEID: CVE-2019-4622 DESCRIPTION: IBM...
Connection to Oracle database fails when you use Microsoft ODBC or OLE DB Driver for Oracle or Microsoft DTC in Windows
Connection to Oracle database fails when you use Microsoft ODBC or OLE DB Driver for Oracle or Microsoft DTC in Windows This article describes an issue that occurs when you use Microsoft ODBC or OLE DB Driver for Oracle or Microsoft Distributed Transaction Coordinator DTC to connect to Oracle...
CVE-2020-8834
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...
Logic flaw vulnerability in Liangjing Mall online store shopping system (CNVD-2020-25591)
Liangjing Mall Online Shop Shopping System is a multifunctional online store system. There is a logic flaw vulnerability in Liang Jing Mall Online Shop Shopping System, which can be exploited by attackers to modify the transaction amount...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1342)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Security: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services (CVE-2019-4732)
Summary There is vulnerability in IBM® Runtime Environment Java™ Version 8 used by Financial Transaction Manager for ACH Services. Financial Transaction Manager for ACH Services FTM ACH has addressed the applicable CVE.brIf you run your own Java code using the IBM Java Runtime delivered with this...
Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential validation vulnerability (CVE-2019-4519)
Summary IBM Financial Transaction Manager for ACH Services FTM ACH for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user prevent audit log entries. Vulnerability Details CVEID:...
Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential validation vulnerability (CVE-2019-4518)
Summary IBM Financial Transaction Manager for ACH Services FTM ACH for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user to issue server commands or modify data in the database...
FasterXML jackson-databind deserialization vulnerability (CNVD-2020-24667)
FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.4, which originates in...
UBUNTU-CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory aka aries.transaction.jms...
CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory aka aries.transaction.jms...
Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential Cross Site Scripting vulnerability (CVE-2019-4622)
Summary Financial Transaction Manager for Check Services FTM CHK for Multi-Platform has addressed the following vulnerability. A potential cross site scripting XSS vulnerability could allow JavaScript to be executed. Vulnerability Details CVEID: CVE-2019-4622 DESCRIPTION: IBM Financial Transactio...
Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential validation vulnerability (CVE-2019-10086)
Summary Financial Transaction Manager for Check Services FTM CHK for Multi-Platform has addressed the following vulnerability. A potential vulnerability in the Apache Commons Beanutils module could allow unauthorized access to the classloader. Vulnerability Details CVEID: CVE-2019-10086...
Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential validation vulnerability (CVE-2019-4517)
Summary IBM Financial Transaction Manager for Check Services FTM CHK for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Vulnerability Details CVEID:...