101 matches found
CVE-2020-6367
There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspecting authenticated user to click on a malicious link. The end users browser has no way to know that t...
CVE-2020-6367
There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspecting authenticated user to click on a malicious link. The end users browser has no way to know that t...
CVE-2020-6367
CVE-2020-6367 — Affected software and impact: SAP NetWeaver Composite Application Framework (CAF) across versions 7.20, 7.30, 7.31, 7.40, and 7.50 suffers a reflected cross-site scripting (XSS) vulnerability. An unauthenticated attacker can trick an authenticated user into clicking a malicious li...
SAP NetWeaver Composite Application Framework Cross-Site Scripting Vulnerability
SAP NetWeaver Composite Application Framework is a tool for using SAP cross-applications and composite applications following the Enterprise Services Architecture of SAP, Germany. A cross-site script execution vulnerability exists in SAP NetWeaver Composite Application Framework 7.20, 7.30, 7.31,...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-15358)
Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details CVEID: CVE-2020-15358 DESCRIPTION: SQLite is vulnerable to a heap-based buffe...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - CVE-2020-2601 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. CVE-2020-2601 was disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-9327)
Summary In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. Vulnerability Details CVEID: CVE-2020-9327 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a NULL pointer...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in October 2019. Vulnerability...
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2020-11656, CVE-2020-11655
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-fre...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (Jan 2020)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker ...
Security Bulletin: Addressing the Sqlite Vulnerability CVE-2019-16168, CVE-2019-19242 and CVE-2019-19244
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2019-16168 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz...
Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2019-16168)
Summary SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2019 - Includes Oracle Jul 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in July 2019. Vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your cod...
Security Bulletin: Public disclosed vulnerability from SQLite CVE-2019-8457
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow when the FTS3 extension is enabled. By using...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2019 - Includes Oracle Apr 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability...
Security Bulletin: Tivoli Composite Application Manager for Application Diagnostics Managing Server vulnerability (CVE-2014-0050)
Summary The following security vulnerability has been resolved in the ITCAM for Application Diagnostics Managing Server. This vunlerability could have caused the denial of service. Vulnerability Details CVE ID: CVE-2014-0050 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a...
Security Bulletin: A security vulnerability has been identified in an IBM Tivoli Monitoring shared component shipped with IBM Tivoli Composite Application Manager for J2EE (CVE-2014-0411).
Summary An IBM Tivoli Monitoring shared component is included as part of IBM Tivoli Composite Application Manager for J2EE. Information about a security vulnerability affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. Vulnerability Details Please consul...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2019 - Includes Oracle Jan 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in Jan 2019. Vulnerability...