25 matches found
EUVD-2022-43042
Malicious code in bioql PyPI...
EUVD-2022-43043
Malicious code in bioql PyPI...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Enterprise Content Management System Monitor
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version Java 6 and Java 7 used by Enterprise Content Management System Monitor. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details: CVEID: CVE-2016-5573 DESCRIPTION:...
Security Bulletin: Three vulnerabilities in IBM FileNet Content Manager, IBM Content Foundation and IBM FileNet BPM (CVE-2014-6593, CVE-2015-0410, and CVE-20150-0383)
Summary: Three security vulnerabilities exist in IBM FileNet Content Manager, IBM Content Foundation and IBM FileNet BPM. See the individual description for the details. Vulnerability Details: CVEID: CVE-2014-6593 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and JRockit related to th...
IBM DB2 9.7 < FP11 Special Build 37314 / 10.1 < FP6 Special Build 37313 / 10.5 < FP10 Special Build 37311 / 11.1.3 < FP3 JDBC Driver Unsafe Deserialization Local Privilege Escalation (UNIX)
According to its version, the installation of IBM DB2 running on the remote host is either 9.7 prior to Fix Pack 11 Special Build 37314, 10.1 prior to Fix Pack 6 Special Build 37313, 10.5 prior to Fix Pack 10 Special Build 37311, or 11.1.3 prior to Fix Pack 3. It is, therefore, affected by a loca...
Lotus Notes Diagnostic Tool 8.5 / 9.0 Privilege Escalation
Exploit Title: Lotus Notes Diagnostic Tool nsd.exe Privilege Escalation Date: 02-09-2017 Exploit Author: ParagonSec Website: https://github.com/paragonsec Version: 8.5 & 9.0 Tested on: Windows 7 Enterprise CVE: CVE-2015-0179 Vendor CVE URL: http://www-01.ibm.com/support/docview.wss?uid=swg2170002...
Low: Red Hat Security Advisory: Red Hat Satellite IBM Java Runtime security update
Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for...
CVE-2014-8372
AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 FP3 allows remote authenticated users to obtain the organizational information and statistics from arbitrary tenants via vectors involving a direct object reference...
CVE-2013-4069
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue...
CVE-2013-4032
CVE-2013-4032 affects IBM DB2 DB2 Enterprise/Advanced Enterprise Server editions (10.1 before FP3 and 10.5) in multi-node configurations. The vulnerability resides in the Fast Communications Manager (FCM), allowing an unauthenticated, remote attacker to cause a denial of service by sending arbitr...
SuSE 10 Security Update : java-1_5_0-ibm (ZYPP Patch Number 8653)
IBM Java 1.5.0 has been updated to SR16-FP3 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bug has been fixed : - add Europe/Busingen to tzmappings. bnc817062 - mark files in jre/bin and bin/ as executable bnc823034...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1...
Input validation
InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors...
IBM Lotus Notes Web Application XSS Vulnerability - Windows
IBM Lotus Notes is prone to a cross-site scripting (XSS) vulnerability...
IBM Lotus Symphony Multiple Vulnerabilities - Linux
IBM Lotus Symphony is prone to multiple unspecified vulnerabilities...
CVE-2011-2884
Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."...
Design/Logic Flaw
Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."...
CVE-2011-2885
CVE-2011-2885 affects IBM Lotus Symphony 3 prior to Fix Pack 3. The vulnerability stems from processing a sample .doc that uses a user-defined toolbar, allowing remote attackers to trigger an application crash (DoS). The connected Nessus/OpenVAS entries corroborate the Fix Pack 3 remediation path...
CVE-2011-2888
IBM Lotus Symphony 3.x before Fix Pack 3 is affected. The vulnerability (CVE-2011-2888) involves processing complex graphics in a presentation and can cause an application hang/denial of service. The issue is tied to the rendering of complex graphics inside presentations, with impact described as...
CVE-2011-2886
CVE-2011-2886 affects IBM Lotus Symphony 3.x prior to Fix Pack 3. The vulnerability allows remote attackers to crash the application by opening a .docx document with empty bullet styles for parent bullets, leading to a denial of service. Public technical details across connected documents specify...