898 matches found
CVE-2014-3009
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct...
CVE-2014-0968
Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject...
CVE-2014-0968
CVE-2014-0968 affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS) and MDM Server for Product Information Management. The root cause is improper validation of user-supplied input, enabling cross-site scripting via a crafted URL for an MHTML document. Affected products/versi...
CVE-2014-3064
CVE-2014-3064 affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS component) and InfoSphere MDM Server for Product Information Management. A remote authenticated user can read arbitrary files via a crafted UNIX file parameter. Affected: Collaborative Edition v10.0/10.1/11.x...
CVE-2014-0970
IBM’s Security Bulletin confirms CVE-2014-0970 affects the GDS component of IBM InfoSphere Master Data Management - Collaborative Edition (versions 11.3, 11.0, 10.1 and 10.0) and IBM InfoSphere Master Data Management Server for Product Information Management (versions 9.1 and 9.0). The issue is a...
Crowd-Sourced Threat Intelligence: AlienVault Open Threat Exchange™ (OTX)
For years, the systems and networks that run our businesses have been secured by the efforts of IT and security practitioners acting on their own. We continue to deploy the latest countermeasures, always trying to keep up with adversaries. Criminal attackers, on the other hand, have shared...
ACollab Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: ACollab Multiple Vulnerabilities Vendor: http://www.atutor.ca/acollab Vulnerable Version: 1.2 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: ACollab as described by its...
Collaborative Portal Server 3.4 POS Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17774/info Collaborative Portal Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...
Entrans SQL Injection Vulnerability
No description provided by source. Exploit Title: Entrans SQLi vulnerability Date: 2010/9/27 Author: keracker Software Link: http://sourceforge.net/projects/entrans/ Software Description: Entrans is an online collaborative translation tool used for editing and translation of PO files. It provide...
IBM Rational Collaborative Lifecycle Management Products Unspecified Remote Code Execution
The version of at least one IBM Rational Collaborative Lifecycle Management component installed on the remote Windows host is 3.x prior to 3.0.1.6 iFix2 or 4.x prior to 4.0.6. It is, therefore, potentially affected by an unspecified remote code execution vulnerability in the Jazz Team Server. C...
CVE-2014-0862
Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors...
Code injection
Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors...
CVE-2014-0862
The CVE-2014-0862 entry concerns an unspecified remote-code-execution vulnerability in Jazz Team Server used by IBM Rational CLM components. Relevant fixed versions, per connected advisories, are: CLM 4.x before 4.0.6; CLM 3.x prior to 3.0.1.6 iFix 2. IBM advisories note CLM components affected i...
CVE-2013-5427
CVE-2013-5427: IBM InfoSphere Master Data Management - Collaborative Edition (CD Edition) and related MDM Server for PIM are affected by a CSRF vulnerability. The IBM bulletin identifies the affected products/versions as: Collaborative Edition 10.x up to 11.0 (specifically 10.0, 10.1 with FP8, a...
Narrative Authentication System an Alternative to Passwords
Remember the age of text-based gaming where natural language phrasing would help you maneuver a character through scenes in a virtual world? In a gaming context, that has long been a dinosaur, replaced by intricate and massive online role-playing games. But researchers from Carleton University in...
[Faraday] Penetration Test IDE
Faraday introduces a new concept, IPE (Integrated Penetration-Test Environment), a multiuser penetration test IDE designed for distribution, indexation and analysis of the data generated during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the...
CVE-2013-5426
Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via...
CVE-2013-5426
CVE-2013-5426 affects IBM InfoSphere Master Data Management - Collaborative Edition (11.0, 10.1, 10.0) and IBM InfoSphere Master Data Management Server for Product Information Management (9.0, 9.1). The issue is a session-fixation vulnerability that could allow an authenticated attacker to hijack...
CVE-2013-4036
CVE-2013-4036 affects IBM InfoSphere Master Data Management products: InfoSphere Master Data Management Server for Product Information Management (PIM) versions 9.0/9.1 and Collaborative Edition (MDMCS) versions 10.0/10.1/11.0. The vulnerability is an XSS due to improper validation of user-suppli...