Lucene search
K

3 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/03/27 9:25 a.m.23 views

Security Bulletin: Enterprise Content Manager System Monitor For March 2024 - Multiple CVE adressed

Summary Enterprise Content Manager System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

9.8CVSS7.4AI score0.02921EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 7:13 p.m.41 views

Security Bulletin: Improper Restriction of XML External Entity Reference in liquibase prior to 4.8.0 Affects IBM Partner Engagement Manager (CVE-2022-0839)

Summary IBM Sterling Partner Engagement Manager uses Liquibase that is vulnerable to XML external entity processing, caused by improper validation of user-supplied input by the XMLChangeLogSAXParser function. A remote attacker could exploit this vulnerability to input a malicious XML reference to...

9.8CVSS7.9AI score0.02921EPSS
Exploits1Affected Software1
CVE
CVE
added 2022/03/04 2:25 p.m.243 views

CVE-2022-0839

CVE-2022-0839 affects Liquibase in liquibase/liquibase prior to 4.8.0, due to improper validation in XMLChangeLogSAXParser() that enables XML External Entity processing. This could allow a remote attacker to disclose sensitive information or perform SSRF. The documented remediation is to upgrade ...

9.8CVSS8.3AI score0.02921EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder