
22 matches found

OSV
added 2025/08/14 6:52 p.m., 1 view

MAL-2025-25840 Malicious code in mango-fp2-project (npm)

The package mango-fp2-project was found to contain malicious code...

AI score: 7.2
Exploits: 0
OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 2 views

Malicious code in mango-fp2-project (npm)

The package mango-fp2-project was found to contain malicious code...

AI score: 7
Exploits: 0
IBM Security Bulletins
added 2023/10/05 8:25 p.m., 13 views

Security Bulletin: IBM Spectrum Conductor with IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache Commons FileUpload

Summary IBM Spectrum Conductor with IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache Commons FileUpload Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limi...

CVSS: 7.5, AI score: 7.7, EPSS: 0.339
Exploits: 1, Affected Software: 1
IBM Security Bulletins
added 2023/07/27 9:13 p.m., 44 views

Security Bulletin: IBM Cognos Analytics has addressed a vulnerability (CVE-2021-44906)

Summary IBM Cognos Analytics is vulnerable to arbitrary code execution in the node.js minimist module CVE-2021-44906 . This vulnerability has been addressed in IBM Cognos Analytics 11.2.4 FP2. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote...

CVSS: 9.8, AI score: 9.7, EPSS: 0.00789
Exploits: 1, Affected Software: 1
IBM Security Bulletins
added 2023/07/19 8:13 p.m., 51 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2023-28530, XFID: 212233, CVE-2022-24999, CVE-2023-28530, CVE-2023-25929)

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.2.4 FP2. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.1.7 FP7. Denial of Service DOS vulnerabilities have been addressed in Netplex json-smart-v2 CVE-2023-1370 , node.js d3-colo...

CVSS: 7.5, AI score: 8.2, EPSS: 0.01543
Exploits: 3, Affected Software: 1
VulnCheck KEV
added 2022/01/12 12:0 a.m., 0 views

VulnCheck KEV: CVE-2013-6719

delivery.php in the Passive Capture Application PCA web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconnhost parameter...

CVSS: 6, AI score: 7.6, EPSS: 0.10579
Exploits: 5, References: 1
CNNVD
added 2021/08/13 12:0 a.m., 1 view

Mitel Networks MiCollab Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in the "Join a Meeting" page of Mitel MiCollab, an enterprise collaboration software and tools platform solution, in versions prior to Mitel MiCollab 9.2 FP2. The vulnerability stems from insufficient input validation. An attacker could execute arbitrar...

CVSS: 6.1, AI score: 5.7, EPSS: 0.00275
Exploits: 0, References: 2
Prion
added 2020/12/01 12:15 a.m., 11 views

Design/Logic Flaw

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00185
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2020/11/30 11:50 p.m., 12 views

CVE-2020-4126

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later...

AI score: 5.8, EPSS: 0.00185
Exploits: 0, References: 1
IBM Security Bulletins
added 2018/06/15 7:2 a.m., 35 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository October 2014 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Service Registry and Repository. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues were disclosed...

CVSS: 5, AI score: 0.7, EPSS: 0.93538
Exploits: 10, Affected Software: 1
Prion
added 2014/06/28 12:55 a.m., 15 views

Design/Logic Flaw

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection...

CVSS: 6, AI score: 7, EPSS: 0.00406
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2013/06/11 12:0 a.m., 44 views

SuSE 10 Security Update : Java 1.5.0 (ZYPP Patch Number 8593)

IBM Java 1.5.0 has been updated to SR13-FP2 which fixes several bugs and security issues. For more details see : http://www.ibm.com/developerworks/java/jdk/alerts/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...

CVSS: 10, AI score: 6.8, EPSS: 0.19623
Exploits: 6, References: 44
Tenable Nessus
added 2013/05/28 12:0 a.m., 51 views

SuSE 11.2 / 11.3 Security Update : IBM Java (SAT Patch Numbers 7744 / 7920)

IBM Java 1.6.0 has been updated to SR13-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...

CVSS: 10, AI score: 6.8, EPSS: 0.19623
Exploits: 6, References: 46
Tenable Nessus
added 2013/05/28 12:0 a.m., 45 views

SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8582)

IBM Java 1.6.0 has been updated to SR13-FP2 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVE...

CVSS: 10, AI score: 6.8, EPSS: 0.19623
Exploits: 6, References: 44
Tenable Nessus
added 2013/05/23 12:0 a.m., 60 views

RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013:0855)

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVSS: 10, AI score: 7, EPSS: 0.19623
Exploits: 6, References: 34
OpenVAS
added 2013/01/23 12:0 a.m., 78 views

IBM Lotus Notes URL Command Injection RCE Vulnerability - Windows

IBM Lotus Notes is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.3, AI score: 7, EPSS: 0.64625
Exploits: 11, References: 8
Tenable Nessus
added 2011/07/19 12:0 a.m., 336 views

SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)

IBM Java 1.6.0 SR9-FP2 fixes several bugs and the following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...

CVSS: 10, AI score: 8.3, EPSS: 0.14991
Exploits: 0, References: 33
Tenable Nessus
added 2010/10/28 12:0 a.m., 48 views

RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0807)

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

CVSS: 10, AI score: 7.3, EPSS: 0.16263
Exploits: 16, References: 37
Tenable Nessus
added 2010/10/11 12:0 a.m., 28 views

SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6647)

IBM Java 1.4.2 was updated to Service Refresh 13 Fixpack 2 At least following security issues are fixed by this update: CVE-2009-1100: A vulnerability in the Java Runtime Environment JRE with storing temporary font files might allow an untrusted applet or application to consume a disproportionate...

CVSS: 5, AI score: 5.5, EPSS: 0.07185
Exploits: 0, References: 2
OpenVAS
added 2010/02/04 12:0 a.m., 23 views

IBM DB2 'REPEAT()' Heap Buffer Overflow Vulnerability

The host is installed with IBM DB2 and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbibmdb2bofvulnlinfeb10.nasl 5306 2017-02-16 09:00:16Z teissa $ IBM DB2 'REPEAT' Heap Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks...

CVSS: 6.5, AI score: 0.5, EPSS: 0.1835
Exploits: 1, References: 3