Lucene search
K

101 matches found

OSV
OSV
added 2020/10/20 2:15 p.m.3 views

CVE-2020-6367

There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspecting authenticated user to click on a malicious link. The end users browser has no way to know that t...

6.1CVSS6.3AI score0.00818EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/10/20 1:32 p.m.16 views

CVE-2020-6367

There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspecting authenticated user to click on a malicious link. The end users browser has no way to know that t...

8.2CVSS6.2AI score0.00818EPSS
Exploits0References2
CVE
CVE
added 2020/10/20 1:32 p.m.45 views

CVE-2020-6367

CVE-2020-6367 — Affected software and impact: SAP NetWeaver Composite Application Framework (CAF) across versions 7.20, 7.30, 7.31, 7.40, and 7.50 suffers a reflected cross-site scripting (XSS) vulnerability. An unauthenticated attacker can trick an authenticated user into clicking a malicious li...

8.2CVSS6.1AI score0.00818EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/10/19 12:0 a.m.2 views

SAP NetWeaver Composite Application Framework Cross-Site Scripting Vulnerability

SAP NetWeaver Composite Application Framework is a tool for using SAP cross-applications and composite applications following the Enterprise Services Architecture of SAP, Germany. A cross-site script execution vulnerability exists in SAP NetWeaver Composite Application Framework 7.20, 7.30, 7.31,...

8.2CVSS6.6AI score0.00818EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/22 2:34 a.m.49 views

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-15358)

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details CVEID: CVE-2020-15358 DESCRIPTION: SQLite is vulnerable to a heap-based buffe...

5.5CVSS1.5AI score0.01027EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/21 9:43 a.m.38 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - CVE-2020-2601 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. CVE-2020-2601 was disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...

6.8CVSS1AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/21 9:37 a.m.29 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...

8.1CVSS2.1AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/12 3:46 a.m.25 views

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-9327)

Summary In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. Vulnerability Details CVEID: CVE-2020-9327 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a NULL pointer...

7.5CVSS1.9AI score0.03683EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/28 3:18 p.m.49 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in October 2019. Vulnerability...

9.1CVSS1.2AI score0.03749EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/17 3:48 p.m.44 views

Security Bulletin: Addressing the Sqlite Vulnerability CVE-2020-11656, CVE-2020-11655

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-fre...

9.8CVSS1.2AI score0.07407EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/07 4:6 p.m.59 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (Jan 2020)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker ...

8.1CVSS2.1AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/03 2:28 p.m.56 views

Security Bulletin: Addressing the Sqlite Vulnerability CVE-2019-16168, CVE-2019-19242 and CVE-2019-19244

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2019-16168 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz...

7.5CVSS1.8AI score0.04253EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/21 2:51 a.m.33 views

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2019-16168)

Summary SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details...

6.5CVSS0.6AI score0.04253EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/06 5:5 a.m.28 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2019 - Includes Oracle Jul 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in July 2019. Vulnerability...

9.8CVSS0.5AI score0.09393EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/23 7:45 a.m.23 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your cod...

8.4CVSS1.1AI score0.0045EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/05 7:7 p.m.150 views

Security Bulletin: Public disclosed vulnerability from SQLite CVE-2019-8457

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow when the FTS3 extension is enabled. By using...

9.8CVSS1.2AI score0.45426EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/11 5:15 a.m.25 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2019 - Includes Oracle Apr 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability...

9CVSS0.9AI score0.37618EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/10 2:33 p.m.18 views

Security Bulletin: Tivoli Composite Application Manager for Application Diagnostics Managing Server vulnerability (CVE-2014-0050)

Summary The following security vulnerability has been resolved in the ITCAM for Application Diagnostics Managing Server. This vunlerability could have caused the denial of service. Vulnerability Details CVE ID: CVE-2014-0050 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a...

7.5CVSS0.2AI score0.83175EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/10 2:33 p.m.43 views

Security Bulletin: A security vulnerability has been identified in an IBM Tivoli Monitoring shared component shipped with IBM Tivoli Composite Application Manager for J2EE (CVE-2014-0411).

Summary An IBM Tivoli Monitoring shared component is included as part of IBM Tivoli Composite Application Manager for J2EE. Information about a security vulnerability affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. Vulnerability Details Please consul...

1.3AI score0.02414EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/26 7:55 a.m.22 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2019 - Includes Oracle Jan 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in Jan 2019. Vulnerability...

9.8CVSS1.1AI score0.05074EPSS
Exploits2Affected Software1
Rows per page
Query Builder