Lucene search
K

154 matches found

RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.5 views

kernel: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...

5.5CVSS7AI score0.00146EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...

5.5CVSS7AI score0.00146EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/13 6:27 a.m.52 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering displays sensitive Information on ADMIN page (CVE-2022-34355).

Summary Application displays Sensitive Information related to the backend technologies like JVM, DB Version, Application Server on ADMIN page. Vulnerability Details CVEID:CVE-2022-34355 DESCRIPTION: IBM Jazz Foundation could disclose sensitive version information to a user that could be used in...

5.5CVSS4.5AI score0.00182EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.3 views

PT-2025-40745

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0+ 132 Description A stack-out-of-bounds read issue exists in the brcmfmac component of the Linux kernel. This occurs when a CLM version string, which is not null-terminated, is passed as an argument to the...

7.8CVSS7.3AI score0.21314EPSS
Exploits0References478
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/23 4:54 a.m.41 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using Liberty are vulnerable to denial of service due to GraphQL Java CVE-2022-37734

Summary The IBM® Engineering Lifecycle Engineering products using Liberty are vulnerable to denial of service due to GraphQL Java, affected features are mpGraphQL-1.0 or mpGraphQL-2.0 . Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products...

7.5CVSS7.3AI score0.02201EPSS
Exploits1Affected Software1
CVE
CVE
added 2022/12/13 3:8 a.m.55 views

CVE-2022-41273

CVE-2022-41273 affects SAP Sourcing and SAP Contract Lifecycle Management (CLM) version 1100, due to improper input sanitization in the affected components. The vulnerability allows an attacker to lure a user into clicking a manipulated link via email, leading the user to log in and subsequently ...

6.1CVSS6.2AI score0.00464EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.5 views

kernel: brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Release firmwares in the brcmfpciesetup error path This avoids leaking memory if brcmfchipgetraminfo fails. Note that the CLM blob is released in the device remove path...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 1:37 p.m.29 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for Denial of Service due to Neko HTML in WebSphere Application Server Liberty (CVE-2022-24839)

Summary The IBM® Engineering Lifecycle Management products on WebSphere Application Server Liberty versions 17.0.0.3 - 22.0.0.10, vulnerbale to Denial of Service due to Neko HTML CVE-2022-24839. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.5CVSS7.3AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/20 9:30 a.m.30 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for IBM Java XML vulnerability CVE-2022-21299

Summary A flaw in the XML component allows attackers to inflict a denial-of-service and/or access external entities which should be inaccessible. Vulnerability is identified in Java versions 7.0.11.5 and earlier, 7.1.5.5 and earlier, 8.0.7.5 and earlier. Vulnerability Details Refer to the securit...

5.3CVSS5.8AI score0.03458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/18 12:7 p.m.24 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for Java CPU CVE-2021-35561

Summary Java version 7.0.11.5 and earlier, 7.1.5.5 and earlier, 8.0.7.6 and earlier are affected by a flaw in the java.util component allows an attacker to inflict a denial of service via malicious serialized data which triggers an OutOfMemoryError. Vulnerability Details Refer to the security...

5.3CVSS6.3AI score0.06468EPSS
Exploits0Affected Software1
Code423n4
Code423n4
added 2022/09/08 12:0 a.m.17 views

HARDCODED PRICES FOR STABLECOINS

Lines of code Vulnerability details Impact Hardcoded prices of stablecosins may open some arbitrage opportunities and produce many bad loans in CLM. Proof of Concept Hardcoding price of cUSDT and cUSDC as 1 may open some arbitrage opportunities when real price for each token is a little bit...

6.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/14 2:23 p.m.12 views

Security Bulletin: The IBM® SDK Java Technology Edition 8.0.7.5 contains additional security fixes that can be applied to IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition 8.0.7.5. The following products: IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Engineering Lifecycle Management ELM...

0.7AI score
Exploits0Affected Software2
The Hacker News
The Hacker News
added 2022/02/02 11:36 a.m.20 views

Cynet's Keys to Extend Threat Visibility

We hear about the need for better visibility in the cybersecurity space – detecting threats earlier and more accurately. We often hear about the dwell time and the time to identify and contain a data breach. Many of us are familiar with IBM's Cost of a Data Breach Report that has been tracking th...

Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 5:38 p.m.111 views

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects Engineering Lifecycle Management and IBM Engineering products

Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Workflow Management EWM, IBM Engineering Systems...

10CVSS0.9AI score0.99999EPSS
Exploits354Affected Software9
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/06 8:36 p.m.28 views

Security Bulletin: WebSphere Application Server is vulnerable to a denial of service which can impact IBM Engineering Lifecycle Management (ELM) products based on IBM Jazz technology

Summary WebSphere Application Server is vulnerable to a denial of service CVE-2021-38951. This may affect IBM Engineering Products based on IBM Jazz technology. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

7.5CVSS7.2AI score0.01521EPSS
Exploits0Affected Software10
The Hacker News
The Hacker News
added 2021/11/03 3:12 p.m.49 views

Product Overview - Cynet Centralized Log Management

For most organizations today, the logs produced by their security tools and environments provide a mixed bag. On the one hand, they can be a trove of valuable data on security breaches, vulnerabilities, attack patterns, and general security insights. On the other, organizations don't have the rig...

6.6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/01 3:41 p.m.37 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Appilcation Server and WebSphere Application Server Liberty affects IBM Engineering ELM products on IBM Jazz technology.

Summary There are multiple vulnerabilities in IBM WebSphere Application Server and WebSphere Application Server Liberty that affect IBM Engineering Products based on IBM Jazz technology. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Product...

8.8CVSS1AI score0.05162EPSS
Exploits4Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.23 views

Security Bulletin: Vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-3092)

Summary Apache Commons Fileupload vulnerability in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team...

7.8CVSS0.8AI score0.35927EPSS
Exploits0Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.30 views

Security Bulletin: Information disclosure vulnerability in WebSphere Application Server Liberty affects multiple IBM Rational products based on IBM Jazz technology

Summary Information disclosure vulnerability in WebSphere Application Server Liberty bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational...

5.9CVSS0.2AI score0.03482EPSS
Exploits0Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.28 views

Security Bulletin: Vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology (CVE-2015-7440, CVE-2015-7453, CVE-2015-7471)

Summary Vulnerabilities in the IBM Jazz Foundation affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC...

7.8CVSS0.8AI score0.0087EPSS
Exploits0Affected Software8
Rows per page
Query Builder