77 matches found

IBM Security Bulletins
added 2021/02/04 7:12 a.m. | 30 views

Security Bulletin: Vulnerabilities in WebSphere Liberty server (WLP) affect IBM Cloud Application Business Insights

Summary: Vulnerabilities in WebSphere Liberty server (WLP) affect IBM Cloud Application Business Insights. Vulnerability Details: CVEID: CVE-2020-4590. DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is...

CVSS 6.5 | AI score 1.6 | EPSS 0.01241
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2020/12/18 12:00 a.m. | 8 views

The vulnerability in Adobe Prelude, a cloud-based application for video digitization, annotation, and format conversion, is a write beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability in Adobe Prelude, a cloud-based application for video digitization, annotation, and format conversion, involves writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current use...

CVSS 10 | AI score 7.9 | EPSS 0.03966
Exploits: 0 | References: 3 | Affected Software: 1

The Hacker News
added 2020/11/09 2:01 p.m. | 5 views

Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses

Enterprises depend on SaaS applications for countless functions, like collaboration, marketing, file sharing, and more. But problematically, they often lack the resources to configure those apps to prevent cyberattacks, data exfiltration, and other risks. Catastrophic and costly data breaches...

AI score 5.9
Exploits: 0

Hacker One
added 2020/11/05 2:54 p.m. | 15 views

Mail.ru: Disk-o Cloud application (Windows) does not validate server certificate on a TLS connection

A debugging/staging functionality disabling TLS certificate check was accidentally enabled in production code for Disk-O 20.10.0133, fixed in version 20.11.0006. 21.04 version adds integrity check for update process...

AI score 4.7
Exploits: 0

IBM Security Bulletins
added 2020/09/22 2:34 a.m. | 49 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2020-15358)

Summary: In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details: CVEID: CVE-2020-15358. DESCRIPTION: SQLite is vulnerable to a heap-based buffe...

CVSS 5.5 | AI score 1.5 | EPSS 0.01027
Exploits: 1 | Affected Software: 1

Microsoft Secure
added 2020/06/18 6:00 p.m. | 27 views

Barracuda and Microsoft: Securing applications in public cloud

This blog post is part of the Microsoft Intelligence Security Association guest blog series. To learn more about MISA, go here. Barracuda Cloud Application Protection (CAP) platform features integrations with Microsoft Azure Active Directory (Azure AD) and Azure Security Center. A component of CAP,...

AI score 0.1
Exploits: 0

Imperva Blog
added 2020/05/18 1:42 p.m. | 38 views

Cloud Compliance – A Top Challenge for organizations

Regulatory compliance violations are among the top three biggest Cloud Application Security challenges for organizations, according to the CyberEdge Group’s ‘2020 Cyberthreat Defense Report’. Equally concerning are ‘Limitations of cloud service provider’s security tools’ which come in joint secon...

AI score 6.7
Exploits: 0

Imperva Blog
added 2020/04/27 9:34 a.m. | 52 views

Advanced Bot Protection integrated into Imperva’s Cloud Application Security

Today, Imperva announced the general availability of Advanced Bot Protection that now fully integrates the industry-leading bot protection technology into its Cloud Application Security platform. By integrating Advanced Bot Protection this enables true defense-in-depth security by delivering bot...

AI score 7.1
Exploits: 0

IBM Security Bulletins
added 2020/03/20 5:01 a.m. | 23 views

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products

Summary: Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details: CVEID: CVE-2020-2593. DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated...

CVSS 8.1 | AI score 0.5 | EPSS 0.04903
Exploits: 0 | Affected Software: 1

Talos
added 2020/03/09 12:00 a.m. | 69 views

WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability

Summary: An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. Tested Versions: WAGO PFC200 Firmware versi...

CVSS 9.1 | AI score 9.4 | EPSS 0.02508
Exploits: 1

CNVD
added 2020/02/29 12:00 a.m. | 2 views

Information leakage vulnerability with the application of the Citizen Cloud App

The Citizen Cloud APP is a life service platform designed for Shanghai citizens. There is an information leakage vulnerability in the APP, which can be exploited by attackers to obtain the user's corresponding ID card information...

AI score 6.6
Exploits: 0

IBM Security Bulletins
added 2020/01/21 2:51 a.m. | 33 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-16168)

Summary: SQLite is vulnerable to a denial of service, caused by missing validation of a sqlite_stat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details...

CVSS 6.5 | AI score 0.6 | EPSS 0.04253
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/10/24 5:48 p.m. | 25 views

Security Bulletin: A vulnerability in IBM WebSphere Application Server affects the IBM Performance Management product (CVE-2018-1901)

Summary: IBM WebSphere Application Server could allow a remote attacker to temporarily gain elevated privileges on the system, caused by an incorrect cached value being used. Vulnerability Details: CVEID: CVE-2018-1901. DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to...

CVSS 8.8 | AI score 0.9 | EPSS 0.01504
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/10/24 5:37 p.m. | 15 views

Security Bulletin: A vulnerability in IBM WebSphere Application Server affects the IBM Performance Management product (CVE-2019-4046)

Summary: IBM WebSphere Application Server is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of memory. IBM Performance Management has addressed the applicable CVE. Vulnerability Details...

CVSS 7.5 | AI score 1.2 | EPSS 0.0322
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/10/24 5:36 p.m. | 38 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products

Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2019-2684. DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded...

CVSS 8.1 | AI score 1 | EPSS 0.37618
Exploits: 2 | Affected Software: 1

Positive Technologies
added 2019/09/17 12:00 a.m. | 5 views

PT-2019-16891 · Ibm · Ibm Application Performance Management

Name of the Vulnerable Software and Affected Versions: IBM Cloud Application Performance Management version 8.1.4. Description: A remote attacker could hijack the clicking action of a victim by persuading them to visit a malicious Web site, potentially launching further attacks against the victim...

CVSS 6.1 | AI score 6.2 | EPSS 0.01194
Exploits: 0 | References: 3

Prion
added 2019/08/16 5:15 p.m. | 22 views

Design/Logic Flaw

Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage...

CVSS 5 | AI score 7.7 | EPSS 0.0367
Exploits: 0 | References: 1 | Affected Software: 1

Imperva Blog
added 2019/08/01 4:00 p.m. | 34 views

Stronger Together, Red Hat 3scale Integration

Most enterprises today rely on customers accessing their applications to conduct daily business. These enterprises know by now that application programming interfaces (APIs) are becoming more common than ever before to enable communication between applications and end users. Even though they are...

Exploits: 0

Prion
added 2019/07/03 7:15 p.m. | 16 views

Design/Logic Flaw

In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...

CVSS 4.3 | AI score 8 | EPSS 0.01153
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2019/07/03 6:40 p.m. | 170 views

CVE-2019-9872

CVE-2019-9872 affects JetBrains IntelliJ IDEA Ultimate. When creating run configurations for cloud application servers, credentials could be saved in plaintext in IDE configuration files. If the Settings Repository plugin was used to synchronize settings to a public repository, these credentials ...

CVSS 8.1 | AI score 8 | EPSS 0.01153
Exploits: 0 | References: 1 | Affected Software: 1