Oracle Business Intelligence Enterprise Edition (July 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Orac...

Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow

Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...

Security Bulletin: Multiple security vulnerabilities with IBM FileNet Content Manager component in IBM Business Automation Workflow -CVE-2021-31811, CVE-2021-31812, CVE-2021-23926, CVE-2021-38965

Summary The embedded IBM FileNet Content Manager component, that is shipped with IBM Business Automation Workflow is vulnerable to multiple vulnerabilities. Vulnerability Details CVEID: CVE-2021-38965 DESCRIPTION: IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote...

Security Bulletin: Apache XMLBeans XML Entity Expansion security vulnerability in IBM FileNet Content Manager

Summary IBM FileNet Content Manager has XML Entity Expansion security vulnerabilties with Apache XMLBeans. Vulnerability Details CVEID: CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. By sending...

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...

Security Bulletin: Multiple vulnerabilities in open source libraries affects Tivoli Netcool/OMNIbus WebGUI

Summary Fixes are available for vulnerabilities in open source libraries affects Tivoli Netcool/OMNIbus WebGUI CVE-2021-23926, CVE-2018-15494, CVE-2020-5258, CVE-2021-29425 and CVE-2020-11988. Vulnerability Details CVEID: CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of...

GHSA-MW3R-PFMG-XP92 Improper Restriction of Recursive Entity References in Apache XMLBeans

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...

Apache Xmlbeans Input Validation Error Vulnerability

Apache Xmlbeans is the Apache Foundation , a software used to support Java and XMl format data to interact . Apache Xmlbeans up to version 2.6.0 suffers from an Input Validation Error vulnerability that stems from a failure to set an attribute required to protect a user from malicious XML input. ...

PT-2021-7289 · Apache +1 · Apache Xmlbeans +1

Name of the Vulnerable Software and Affected Versions: Apache XMLBeans versions up to and including 2.6.0 Description: The issue is related to errors in processing XML entities in the Java-to-XML Apache XMLBeans tool. This can allow a remote attacker to cause a denial of service or disclose...