48 matches found
DEBIAN-CVE-2024-26697
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix data corruption in dsync block recovery for small block sizes The helper function nilfsrecoverycopyblock of nilfsrecoverydsyncblocks, which recovers data from logs created by data sync writes during a mount after an...
Intel Unison Security Vulnerability
Intel Unison is an application from Intel Corporation USA used to synchronize various data before PCs and smartphones. A security vulnerability exists in Intel Unison software. An attacker exploiting this vulnerability could cause elevation of privilege, information disclosure, or denial of servi...
Intel Unison Security Vulnerability
Intel Unison is an application from Intel Corporation USA used to synchronize various data before PCs and smartphones. A security vulnerability exists in Intel Unison software. An attacker exploiting this vulnerability could cause elevation of privilege, information disclosure, or denial of servi...
Intel Unison Security Vulnerability
Intel Unison is an application from Intel Corporation USA used to synchronize various data before PCs and smartphones. A security vulnerability exists in Intel Unison software. An attacker exploiting this vulnerability could cause elevation of privilege, information disclosure, or denial of servi...
Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-46175 DESCRIPTION: JSON5 could...
IBM QRadar Data Synchronization App Encryption Issue Vulnerability
IBM QRadar Data Synchronization App is a data resiliency solution from IBM USA. An encryption issue vulnerability exists in IBM QRadar Data Synchronization App versions 1.0 through 3.0.1, which stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the...
CVE-2022-22313
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...
CVE-2022-22313
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...
CVE-2022-22313 IBM QRadar Data Synchronization App information disclosure
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...
CVE-2022-22313
CVE-2022-22313 affects IBM QRadar Data Synchronization App (versions 1.0–3.0.1). The issue is the use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. IBM’s security bulletin and multiple feeds confirm the root cause as encry...
PT-2023-12684 · Ibm · Ibm Qradar Data Synchronization App
Name of the Vulnerable Software and Affected Versions: IBM QRadar Data Synchronization App versions 1.0 through 3.0.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...
IBM QRadar Data Synchronization App 加密问题漏洞
IBM QRadar Data Synchronization App is a data resiliency solution from IBM USA. An encryption issue vulnerability exists in IBM QRadar Data Synchronization App versions 1.0 through 3.0.1, which stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the...
Vulnerabilities fixed in IBM QRadar SIEM
IBM fixed vulnerabilities in subcomponents of QRadar SIEM: Data Synchronization App, Use Case Manager app, QRadar Assistant app, Data Synchronization app and Wincollect agent. A malicious party can exploit the vulnerabilities to cause a denial-of-service, to gain access to sensitive data, or to...
Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-0235 DESCRIPTION: Node.js...
Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-22313 DESCRIPTION: IBM QRadar Dat...
_distributeProfit will use the stale globalIC.swingTraderCollateralDeficit()/swingTraderCollateralRatio(), which will result in incorrect profit distribution
Lines of code Vulnerability details Impact The distributeProfit called by handleProfit will use globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio when distributing profits, and the latest globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio needs to be used to ensure th...
StabilizerNode.stabilize uses stale GlobalImpliedCollateralService data, which will make stabilize incorrect
Lines of code Vulnerability details Impact In StabilizerNode.stabilize, impliedCollateralService.syncGlobalCollateral is called only at the end of the function to synchronize the GlobalImpliedCollateralService data. if !shouldAdjustSupplyexchangeRate, stabilizeToPeg lastStabilize = block.timestam...
Vulnerabilities fixed in IBM QRadar SIEM
Vulnerabilities have been fixed in the IBM QRadar Data Synchronization App for IBM QRadar SIEM. The vulnerabilities are are in underlying software and libraries, such as Node.js and SQLite. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the...
CVE-2021-32728
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a privat...
Hebei OuRun TianTeng YunMengBar Network Studio YMBCMS Command Execution Vulnerability
YMBCMS is one of the self-developed products under Hebei OuRun TianTeng YunMengBar Network Studio.YMBCMS integrates computer station, cell phone station, WeChat public platform, small program, APP in one, sharing space, data synchronization and so on. Hebei OuRunTianTeng YunMengBar Network Studio...