CGA-5PRM-G7P3-2HC5

Bulletin has no description...

CGA-PCXV-43R4-92MM

Bulletin has no description...

Security Bulletin: IBM License Metric Tool v9 and IBM Endpoint Manager for Software Use Analysis v2.2 and v9 are vulnerable to Padding Oracle On Downgraded Legacy Encryption (POODLE) attack on SSLv3 connections (CVE-2014-3566)

Summary SSLv3 protocol used to secure a number of connection paths in IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis is vulnerable to POODLE attack. This attack enables a man-in-the-middle attacker to decrypt and intercept communications, including user-server and...

Google Releases New Framework to Prevent Software Supply Chain Attacks

As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications. Called "Supply chain Levels for Software Artifacts" SLSA, and...

CVE-2014-8926

Common Inventory Technology CIT before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service CPU consumption or application crash via a...