13 matches found

IBM Security Bulletins
added 2021/04/28 6:35 p.m. | 33 views

Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology

Summary Multiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager...

9.8 CVSS | 1 AI score | 0.94774 EPSS
Exploits 4 | Affected Software 8

IBM Security Bulletins
added 2021/04/28 6:35 p.m. | 29 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Rational® Quality Manager

Summary IBM® Rational® Quality Manager is vulnerable to multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2019-10173 DESCRIPTION: xstream API could allow a remote attacker to execute arbitrary commands on the system, caused by insecure XML deserialization. By sending a...

9.8 CVSS | 0.8 AI score | 0.94774 EPSS
Exploits 4 | Affected Software 2

IBM Security Bulletins
added 2020/11/18 8:31 p.m. | 44 views

Security Bulletin: CVE-2019-10173 xstream API If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands

Summary CVE-2019-10173 xstream API If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands Vulnerability Details CVEID: CVE-2019-10173 DESCRIPTION: xstream API could allow a remote attacker to execute arbitrary commands on the system,...

9.8 CVSS | 2.4 AI score | 0.94774 EPSS
Exploits 4 | Affected Software 1

RedHat Linux
added 2020/03/05 12:53 p.m. | 56 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.3 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8 CVSS | 7.7 AI score | 0.94774 EPSS
Exploits 15 | References 15

Check Point Advisories
added 2020/02/26 12:0 a.m. | 2 views

XStream Library Insecure Deserialization (CVE-2019-10173)

An insecure serialization vulnerability exists in XStream Library. The vulnerability is due to insufficient validation of event handler type in user-supplied XML data. A remote attacker could exploit this vulnerability by sending a specially crafted XML file to the affected application. Successful...

7.5 CVSS | 3.9 AI score | 0.94774 EPSS
Exploits 4

RedHat Linux
added 2019/12/19 5:37 p.m. | 54 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R14 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8 CVSS | 7.7 AI score | 0.94774 EPSS
Exploits 7 | References 11

IBM Security Bulletins
added 2019/11/20 5:14 p.m. | 47 views

Security Bulletin: XStream as used by IBM QRadar SIEM is vulnerable to OS command injection (CVE-2019-10173)

Summary XStream as used by IBM QRadar SIEM is vulnerable to OS command injection Vulnerability Details CVEID: CVE-2019-10173 DESCRIPTION: It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been...

9.8 CVSS | 1.3 AI score | 0.94774 EPSS
Exploits 9 | Affected Software 1

RedHat Linux
added 2019/11/14 9:17 p.m. | 144 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.5.0 security update

A minor version update from 7.4 to 7.5 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10 CVSS | 7.9 AI score | 0.94774 EPSS
Exploits 20 | References 30

NVD
added 2019/07/23 1:15 p.m. | 21 views

CVE-2019-10173

It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON...

9.8 CVSS | 8.6 AI score | 0.94774 EPSS
Exploits 4 | References 11

CVE
added 2019/07/23 12:50 p.m. | 212 views

CVE-2019-10173

XStream library vulnerability CVE-2019-10173 affects version 1.4.10 prior to 1.4.11, introducing a regression of CVE-2013-7285 where, if the security framework is not initialized, a remote attacker can execute arbitrary shell commands during unmarshalling XML or other supported formats (e.g., JSO...

9.8 CVSS | 9.5 AI score | 0.94774 EPSS
Exploits 4 | References 11 | Affected Software 1

RedHat Linux
added 2019/07/22 2:53 p.m. | 153 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

10 CVSS | 7.6 AI score | 0.94774 EPSS
Exploits 9 | References 14

RedHat Linux
added 2019/07/22 2:53 p.m. | 108 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.4.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

10 CVSS | 7.6 AI score | 0.94774 EPSS
Exploits 9 | References 14

RedhatCVE
added 2019/07/22 2:36 p.m. | 63 views

CVE-2019-10173

It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This is a regression of...

9.8 CVSS | 6 AI score | 0.94774 EPSS
Exploits 9 | References 2