145 matches found
Security Bulletin: IBM Engineering Requirements Management DOORS and DOORS Web Access is affected by multiple vulnerabilities
Summary This release addresses multiple security vulnerabilities across various components of IBM Engineering Requirements Management DOORS and DOORS Web Access product. Many vulnerabilities are rated Critical CVSS ≥ 9.0, including a Tomcat rewrite rule bypass CVE-2025-31651, Tomcat Improper...
CVE-2025-13734 IBM Engineering Requirements Management DOORS Next could allow an authenticated user to access and modify data beyond authorized permissions
IBM Engineering Requirements Management DOORS Next 7.1, and 7.2 could allow an authenticated user to view and edit data beyond their authorized access permissions...
CVE-2025-13734
IBM Engineering Requirements Management DOORS Next (versions 7.1 and 7.2) contains an access-control flaw (CWE-862) that could allow an authenticated user to view and edit data beyond their authorized permissions. The issue arises from insufficient authorization enforcement and has a CVSS v3.1 ba...
CVE-2023-45192
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 268758...
Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server and WebSphere Application Server Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962)
Summary A vulnerability in javaMail-1.5, javaMail-1.6, mail-2.0, or mail-2.1 features affects IBM WebSphere Application Server Liberty 17.0.0.3 - 25.0.0.11 with specific features enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this...
EUVD-2025-33896
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data...
CVE-2025-2138 IBM Engineering Requirements Management Doors Next data modification
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security...
CVE-2025-2139 IBM Engineering Requirements Management Doors Next security bypass
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...
CVE-2025-2140
CVE-2025-2140 affects IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1. An authenticated network user could spoof the sender email identity due to improper verification of source data. The vulnerability has a CVSS v3.1 base score of 5.7 (I(H), A(N), C(N)) with imp...
IBM Engineering Requirements Management DOORS Next 安全漏洞
IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...
IBM Engineering Requirements Management DOORS Next 安全漏洞
IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...
EUVD-2021-16264
Malware in sbrugna...
EUVD-2021-16273
Malware in sbrugna...
EUVD-2020-25911
Malware in sbrugna...
EUVD-2021-25305
Malware in sbrugna...
EUVD-2021-16373
Malware in sbrugna...
EUVD-2023-32567
Malicious code in bioql PyPI...
EUVD-2025-5586
Malicious code in bioql PyPI...
EUVD-2025-5585
Malicious code in bioql PyPI...
EUVD-2024-54752
Malicious code in bioql PyPI...