Security Bulletin: Vulnerabilities in IBM WebSphere Application Server and WebSphere Application Server Liberty affect IBM Watson Explorer (CVE-2024-22354)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty is used by IBM Watson Explorer. IBM Watson Explorer has addressed the applicable CVE CVE-2024-22354. Vulnerability Details CVEID:CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM...

Security Bulletin: A security vulnerability has been disclosed in Expat, which is installed as part of IBM Tivoli Network Manager (CVE-2023-52425).

Summary A security vulnerability has been disclosed in the Expat library libexpat, which is installed as part of IBM Tivoli Network Manager. Information about this vulnerability has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-52425 DESCRIPTION: libexpat is vulnerab...

CVE-2024-25610

In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated use...

Security Bulletin: Due to the use of XStream, IBM Tivoli Netcool Configuration Manager is vulnerable to Denial of Service (DoS) attacks

Summary XStream is used in ITNCM to serialize XML data and may be vulnerable to Denial of Service attacks DoS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by causing a stackoverflow. This effect may support a denial of service...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2023-35890)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: OpenStack vulnerabilities affect IBM SmartCloud Entry(CVE-2015-5240 CVE-2015-3280)

Summary IBM SmartCloud Entry is vulnerable to a Nova vulnerability that allows a remote authenticated attacker to cause a denial of service. IBM SmartCloud Entry is vulnerable to a Neutron vulnerability that allows an attacker to bypass firewall rules and gain access to applications. Vulnerabilit...

Security Bulletin: OpenStack vulnerabilities affect IBM SmartCloud Entry (CVE-2015-7713, CVE-2015-5286)

Summary IBM SmartCloud Entry is vulnerable to several OpenStack vulnerablities. An attacker can exploit these velnerabilities to launch further attacks on the system or to exhaust all available resources. Vulnerability Details CVEID: CVE-2015-7713 DESCRIPTION: OpenStack Nova could provide weaker...

Security Bulletin: A vulnerability in IBM Java Runtime affect Rational Asset Analyzer (RAA).

Summary A vulnerability in IBM® Runtime Environment Java™ Version 8.0.5.15 used by Rational Asset Analyzer. Rational Asset Analyzer has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java...

IBM WebSphere Application Server 7.0 < Fix Pack 19 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 before Fix Pack 19 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick user...

IBM WebSphere Application Server 6.0 < 6.0.2.19 HTTP Response Splitting

IBM WebSphere Application Server 6.0.x before Fix Pack 19 appears to be running on the remote host. Such versions are reportedly affected by an HTTP response splitting vulnerability because the application fails to properly sanitize user-supplied data to an unspecified parameter and script. C...

IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability

IBM HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IBM WebSphere Application Server 6.1 < Fix Pack 19 Unspecified Vulnerability

Binary data 4685.prm...

IBM WebSphere Application Server 6.1 < Fix Pack 19 Multiple Flaws

IBM WebSphere Application Server 6.1 before Fix Pack 19 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - An as-yet unspecified security exposure vulnerability exists when the 'FileServing' feature in the Servlet Engine / Web Container component is...

IBM WebSphere应用服务程序存在未明漏洞

BUGTRAQ ID: CNCAN ID：CNCAN-2008072105 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere应用服务程序"PropFilePasswordEncoder"工具存在未明错误。 目前没有详细漏洞细节提供。 IBM WebSphere Application Server 5.x 可采用Fix Pack 19 5.1.1.19： http://www-1.ibm.com/support/docview.wss?uid=swg27006879...