109 matches found
Security Bulletin: WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to LDAP Injection (CVE-2021-39031)
Summary WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to LDAP Injection CVE-2021-39031 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...
Security Bulletin: IBM Cloud Transformation Advisor, which is bundled with IBM Cloud Pak for Applications, has addressed multiple security vulnerabilities.
Summary IBM Cloud Transformation Advisor, which is bundled with IBM Cloud Pak for Applications, has addressed multiple security vulnerabilities CVE-2021-35517, CVE-2021-36090, CVE-2021-45105, CVE-2021-45046, CVE-2021-22960, CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564,...
Security Bulletin: Multiple vulnerabilities in Apache log4j affect IBM WebSphere Application Server which is bundled with IBM Cloud Pak for Applications(CVE-2021-45105, CVE-2021-44832)
Summary Multiple vulnerabilities in Apache log4j affect IBM WebSphere Application Server CVE-2021-45105, CVE-2021-44832. IBM WebSphere Application Server is bundled with IBM Cloud Pak for Applications. There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server...
Security Bulletin: IBM Application Navigator, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a remote attacker exploitation of Apache Log4j (CVE-2021-44228)
Summary IBM Application Navigator, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a remote attacker exploitation of Apache Log4j CVE-2021-44228. The IBM Application Navigator contains a copy of Apache Log4j which is not used by the IBM Application Navigator function. Out o...
CVE-2021-42295
Visual Basic for Applications Information Disclosure Vulnerability...
CVE-2021-42295 Visual Basic for Applications Information Disclosure Vulnerability
...
Microsoft Office 2016 Information Disclosure Vulnerability (KB4504710)
This host is missing an important security update according to Microsoft KB4504710 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Office 2013 Information Disclosure Vulnerability (KB4486726)
This host is missing an important security update according to Microsoft KB4486726 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Description of the security update for Office 2016: December 14, 2021 (KB4504710)
None None...
KLA12389 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
Security Bulletin: WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service (CVE-2021-38951)
Summary WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service CVE-2021-38951 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Principal Products and...
Security Bulletin: A vulnerabilty in encoding/unicode in the UTF-16 decoder has been found in x/text package before v0.3.3 for Go that could lead to an infinite loop and denial of service, affecting IBM Cloud Pak for Applications
Summary A vulnerabilty in encoding/unicode in the UTF-16 decoder has been found in x/text package before v0.3.3 for Go that could lead to an infinite loop and denial of service, affecting IBM Cloud Pak for Applications Vulnerability Details CVEID: CVE-2020-14040 DESCRIPTION: Go Language x/text...
Security Bulletin: WebSphere Application Server, which is included in IBM Cloud Pak for Applications, is vulnerable to a Privilege Escalation vulnerability (CVE-2021-29754)
Summary WebSphere Application Server, which is included in IBM Cloud Pak for Applications, is vulnerable to a privilege escalation vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...
Security Bulletin: A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used
Summary A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used Vulnerability Details CVEID: CVE-2021-20360 DESCRIPTION: IBM Cloud Pak for Applications uses weaker than expected cryptographic algorithms that could allow an attacker to decry...
CVE-2021-20368
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357...
IBM Cloud Pak for Applications 跨站脚本漏洞
IBM Cloud Pak for Applications is an enterprise containerized application development runtime platform that helps you modernize existing applications, embed additional security, and develop new applications for developing digital initiatives.A cross-site scripting vulnerability exists in IBM Clou...
IBM Cloud Pak for Applications安全漏洞
IBM Cloud Pak for Applications is an application from IBM America, Inc. Provides cloud-native development solutions that deliver value quickly. A security vulnerability exists in IBM Cloud Pak for Applications v4.3, which can be exploited by attackers to obtain sensitive information...
Security Bulletin: WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, contains a vulnerability in Dojo (CVE-2020-5258)
Summary WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, contains a vulnerability in Dojo CVE-2020-5258 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Principal Affected Products and...
Security Bulletin: WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to a Server-side Request Forgery vulnerability (CVE-2021-20480)
Summary WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to a Server-side Request Forgery vulnerability CVE-2021-20480 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...
Security Bulletin: WebSphere Application Server, which is a component of IBM Cloud Pak for Aplications, is vulnerable to a Directory Traversal vulnerability (CVE-2020-5016)
Summary WebSphere Application Server is shipped as a component of IBM Cloud Pak for Applications. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...