Security Bulletin: IBM Security Access Manager for Enterprise Single Sign-On may be vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-4104)

Summary Vulnerability in Apache Log4j CVE-2021-4104 may affect IBM Security Access Manager for Enterprise Single Sign-On. Although no known vulnerability impact has been proven, it is strongly recommended to apply the fix that upgrades log4j from version 1.x to version 2.1.17. Vulnerability Detai...

Security Bulletin: A security vulnerability has been identified in Xstream, which is a required product for IBM Tivoli Network Configuration Manager (CVE-2020-26258, CVE-2020-26259)

Summary A security vulnerability has been disclosed in the Xstream library , which is installed as part of IBM Tivoli Network Configuration Manager version 6.4.2. Information about this vulnerability has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-26258 DESCRIPTIO...

Code injection

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected...

CVE-2007-6679

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected...

IBM DB2 < 8.1 Fix Pack 13 CONNECT Processing Unspecified DoS

According to its version, the installation of IBM DB2 running on the remote host may crash in certain scenarios, such as when a user connects using a specially crafted ACCSEC command during the handshake process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc...

IBM WebSphere Application Server 6.0.2.13之前版本多个漏洞

IBM Websphere Application Server是功能强大的WEB应用服务程序。 IBM Websphere Application Server 6.0.2.13之前版本存在多个安全问题，远程攻击者可以利用漏洞获得敏感信息或进行拒绝服务等攻击。 IBM Websphere Application Server 6.0.2 .9 IBM Websphere Application Server 6.0.2 .7 IBM Websphere Application Server 6.0.2 .5 IBM Websphere Application Server 6.0.2 ...