166 matches found
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by OS Command Injection vulnerability (CVE-2016-0236)
Summary IBM Security Guardium Database Activity Monitor could allow an authenticated attacker to injection commands into the search field that will be executed as root. Vulnerability Details CVEID: CVE-2016-0236 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow an...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Execution with Unnecessary Privileges vulnerability (CVE-2016-0328)
Summary IBM Security Guardium Database Activity Monitor could allow a local user to injection commands that would be executed with administrator privileges. Vulnerability Details CVEID: CVE-2016-0328 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user to injectio...
Code injection
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to...
CVE-2012-1155
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to Versions 2.2 to 2.2.1+, 2.1 to 2.1.4+, 2.0 to 2.0.7+, 1.9 to 1.9.16+ are affected...
Default credentials
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Weak Passsword Policy vulnerability
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1597 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...
Security Bulletin: Vulnerability in IBM Java Runtime affect IBM Guardium Database Activity Monitoring (CVE-2014-3566)
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Guardium Database Activity Monitoring, were disclosed as part of the IBM Java SDK updates in October 2014. The only fix applicable was for Padding Oracle On Downgraded Legacy...
Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by CVE-2014-0221, CVE-2014-0224, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470
Summary Guardium appliance is RHEL 5.8 based and uses OpenSSL from Red Hat for communications between appliances. Vulnerability Details CVE-2014-0224 OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker...
Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by: CVE-2014-4263 and CVE-2014-4244
Summary An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact, reported on July 15, 2014. Vulnerability Details CVE-ID: CVE-2014-4263 DESCRIPTION: Unspecified vulnerability in Oracle Java SE 5.0u65,...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a User Enumeration - CLI vulnerability (CVE-2017-1601)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-1601 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Insufficient Authorization Checks vulnerability (CVE-2018-1368 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2018-1368 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user with low privileges to view report pages and perform some actions that...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by SQL Injection - gimservlet Vulnerability(CVE-2017-1757 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1757 DESCRIPTION: IBM Security Identity Governance Virtual Appliance is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL (Multiple CVEs)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3642 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: Optimizer component could allow an authenticated attacker to cause a deni...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3651 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Client mysqldump component could allow an authenticated attacker to cause ...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Lack or Misconfiguration of Browser Security Header (CVE-2017-1600)
Summary IBM Security Guardium Database Activity Monitor is vulnerable to cross-site scripting. IBM Security Guardium Database Activity Monitor has fixed this vulenrability Vulnerability Details CVEID: CVE-2017-1600 DESCRIPTION: IBM Security Guardium Database Activity Monitor is vulnerable to...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Sensitive Information Leakage vulenrability (CVE-2017-1595)
Summary IBM Security Guardium Database Activity Monitor could allow a local attacker to obtain sensitive information via unspecified vectors. IBM Security Guardium Database Activity Monitor has provided a fix for this vulnerability. Vulnerability Details CVEID: CVE-2017-1595 DESCRIPTION: IBM...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Password Returned in HTTP Response vulnerability (CVE-2017-1596)
Summary IBM Security Guardium Database Activity Monitor could allow a local attacker to obtain sensitive information via unspecified vectors. IBM Security Guardium Database Activity Monitor has fixed this vulenrability. Vulnerability Details CVEID: CVE-2017-1596 DESCRIPTION: IBM Security Guardium...