12 matches found
Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2023-20863).
Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2023-20863). IBM has addressed the vulnerabilities. Vulnerability Details CVEID: CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improp...
AIX is affected by a denial of service due to Python
IBM SECURITY ADVISORY First Issued: Thu Dec 22 10:15:28 CST 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/pythonadvisory3.asc https://aix.software.ibm.com/aix/efixes/security/pythonadvisory3.asc...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Scale for IBM Elastic Storage Server (CVE-2021-44228)
Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This library is used by the Graphical User Interface (GUI) of IBM Spectrum Scale for IBM Elastic Storage Server for logging. This vulnerability may affect IBM Spectrum Scale for IBM Elastic...
Security Bulletin: Power Hardware Management Console is Affected by Vulnerabilities in OpenSSL (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker could exploit this...
Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2018-15756)
Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVE-ID: CVE-2018-15756 Description: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the...
Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2018-11784)
Summary Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2018-11784 DESCRIPTION: Apache Tomcat could allow a remote attacker to conduct phishing attacks,...
Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-15698, CVE-2017-15706, CVE-2018-1304, CVE-2018-1305)
Summary Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the...
Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-5648, CVE-2017-5647)
Summary Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2017-5648 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions,...
Security Bulletin: Open Source Apache Tomcat vulnerability affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2016-3092)
Summary This vulnerability to Open Source Apache Tomcat was reported by The Apache Software Foundation on 20 June 2016. Vulnerability Details CVEID: CVE-2016-3092 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By...
Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2015-7450)
Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by TADDM. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...
Security Bulletin: IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to cross-site scripting (CVE-2014-6150)
Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. Vulnerability Details CVE ID: CVE-2014-6150 DESCRIPTION: A remote attacker could exploit this vulnerability using a specially-crafted URL to...
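IBM AIX/Virtual I/O Server OpenSSH AES-GCM Cipher Privilege Escalation Vulnerability
CVE ID: CVE-2013-4548 IBM AIX is a commercial operating system. The OpenSSH included with IBM AIX / Virtual I/O Server contains a security vulnerability: an error when an AES-GCM cipher is selected during key exchange allows a malicious local user to exploit the vulnerability to elevate privileges. IBM AIX 5.x IBM AIX 6.x IBM AIX 7.x IBM Virtual I/O Server VIOS 1.x IBM Virtual I/O Server VIOS 2.x Vendor patch: IBM ----- Users can refer to the following vendor security advisory to obtain the patch that fixes this vulnerability:...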