32 matches found
EUVD-2019-14273
Malware in sbrugna...
EUVD-2015-2088
Malware in sbrugna...
Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities.
Summary Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities, listed in multiple CVEs CVE-2023-34981, CVE-2022-1471, CVE-2022-4065, CVE-2021-23450, CVE-2021-23450, CVE-2022-40151, CVE-2022-41966, CVE-2023-41080, CVE-2022-48285, CBE-2020-11971, CVE-2023-28709,...
Security Bulletin: Due to the use of VMWare Tanzu Spring Framework, IBM DevOps Build is vulnerable to remote attacker to conduct phising attacks
Summary IBM DevOps Build 7.0.0.2 addresses CVE-2024-22259 by updating spring-web jar.. Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL e.g. through a query parameter AND perform validation...
Security Bulletin: IBM DevOps Build 7.0.0 addresses multiple vulnerabilities.
Summary IBM DevOps Build 7.0.0 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer header, an attacker...
Security Bulletin: IBM UrbanCode Build is vulnerable to CVE-2023-28708
Summary IBM UrbanCode Build is vulnerable to CVE-2023-28708. IBM has addressed these vulnerabilities by updating Apache Tomcat Server. Vulnerability Details CVEID:CVE-2023-28708 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the missing of secu...
Security Bulletin: IBM UrbanCode Build is vulnerable to CVE-2023-24998
Summary IBM UrbanCode Build is vulnerable to CVE-2023-24998. IBM has addressed these vulnerabilities by updating Apache Tomcat Server. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-45143
Summary IBM UrbanCode Build is affected by CVE-2022-45143 Vulnerability Details CVEID:CVE-2022-45143 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by not escape the type, message or description values in the JsonErrorReportValve function. By...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-42252
Summary IBM UrbanCode Build is affected by CVE-2022-42252 Vulnerability Details CVEID:CVE-2022-42252 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by the failure to reject a request containing an invalid Content-Length header when configured to ignore invalid HTTP...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-43980
Summary IBM UrbanCode Build is affected by CVE-2021-43980 Vulnerability Details CVEID:CVE-2021-43980 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a long standing concurrency flaw in the simplified implementation of blocking reads and writes. ...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-34305
Summary IBM UrbanCode Build is affected by CVE-2022-34305 Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the...
Security Bulletin: IBM UrbanCode Build is vulnerable to denial of service due to use of Apache Tomcat (CVE-2022-29885).
Summary Apache Tomcat is used by IBM UrbanCode Build. This fix includes Apache Tomcat 8.5.79. Vulnerability Details CVEID:CVE-2022-29885 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an use-after-free flaw in theEncryptInterceptor in an untrusted network. By sending a...
Security Bulletin: IBM UrbanCode Build is vulnerable to a bypass of security restrictions due to use of Apache Tomcat (CVE-2022-25762).
Summary Apache Tomcat is used by IBM UrbanCode Build. This fix includes Apache Tomcat 8.5.79. Vulnerability Details CVEID:CVE-2022-25762 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by improper error handling in WebSocket connection. By sending ...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-42340
Summary IBM UrbanCode Build is affected by CVE-2021-42340 Vulnerability Details CVEID: CVE-2021-42340 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remote...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-23181
Summary IBM UrbanCode Build is affected by CVE-2022-23181 Vulnerability Details CVEID: CVE-2022-23181 DESCRIPTION: Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time of check, time of use flaw when configured to persist sessions...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-25122 and CVE-2021-25329
Summary IBM UrbanCode Build is affected by CVE-2021-25122 and CVE-2021-25329 Vulnerability Details CVEID: CVE-2021-25122 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when responding to new h2c connection requests. By sending a...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-33037
Summary IBM UrbanCode Build is affected by CVE-2021-33037 Vulnerability Details CVEID: CVE-2021-33037 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTPS transfer-encoding...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-41079
Summary IBM UrbanCode Build is affected by CVE-2021-41079 Vulnerability Details CVEID: CVE-2021-41079 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by improper input validation of TLS packets. By sending a specially-crafted TLS packet, a remote attacker could exploit thi...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-30640
Summary IBM UrbanCode Build is affected by CVE-2021-30640 Vulnerability Details CVEID: CVE-2021-30640 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by improper authentication validation in the JNDI Realm. By sending a specially-crafted request...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-30639
Summary IBM UrbanCode Build is affected by CVE-2021-30639 Vulnerability Details CVEID:CVE-2021-30639 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by improper error handling during non-blocking I/O. By sending a specially-crafted request, a remote attacker could exploit...