26 matches found
CVE-2025-33076
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-33077 IBM Engineering Systems Design Rhapsody code execution
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-33077 IBM Engineering Systems Design Rhapsody code execution
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-33077
IBM Engineering Systems Design Rhapsody is affected by CVE-2025-33077: stack-based buffer overflow due to improper bounds checking in versions 9.0.2, 10.0, and 10.0.1. A local attacker could overflow a buffer and execute arbitrary code. The IBM Security Bulletin confirms the affected versions and...
CVE-2025-33076 IBM Engineering Systems Design Rhapsody code execution
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-33020 IBM Engineering Systems Design Rhapsody information disclosure
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information...
CVE-2025-33020 IBM Engineering Systems Design Rhapsody information disclosure
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information...
CVE-2025-33020
CVE-2025-33020 affects IBM Engineering Systems Design Rhapsody versions 9.0.2, 10.0, and 10.0.1 . The root issue is transmission of sensitive information without encryption, leading to potential information disclosure. The vulnerability is network-based with no user interaction required and has a...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33077
Summary IBM Engineering Systems Design Rhapsody was vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2025-33077 DESCRIPTION: IBM Engineering Systems...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33020
Summary IBM Engineering Systems Design Rhapsody was vulnerable to transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information. Vulnerability Details CVEID:CVE-2025-33020 DESCRIPTION: IBM Engineering Systems Design Rhapsody transmits...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2024-38434
Summary IBM Engineering Systems Design Rhapsody was vulnerable to use of Potentially Dangerous Function which may allow security feature bypass Vulnerability Details CVEID:CVE-2024-38434 DESCRIPTION: Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33076
Summary IBM Engineering Systems Design Rhapsody was vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2025-33076 DESCRIPTION: IBM Engineering Systems...
PT-2025-30590 · Ibm · Engineering Systems Design Rhapsody
Name of the Vulnerable Software and Affected Versions: IBM Engineering Systems Design Rhapsody versions 9.0.2, 10.0, and 10.0.1 Description: IBM Engineering Systems Design Rhapsody transmits sensitive information without encryption, potentially allowing an attacker to obtain highly sensitive...
PT-2025-30592 · Ibm · Engineering Systems Design Rhapsody
Name of the Vulnerable Software and Affected Versions: IBM Engineering Systems Design Rhapsody versions 9.0.2, 10.0, and 10.0.1 Description: IBM Engineering Systems Design Rhapsody is susceptible to a stack-based buffer overflow due to insufficient bounds checking. A local user can exploit this...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2024-38081
Summary IBM Engineering Systems Design Rhapsody was affected by Microsoft .NET privilege escalation. Risk was signaficantly low. We have upgraded our Build Environment to resolve this vulnerability. Vulnerability Details CVEID:CVE-2024-38081 DESCRIPTION:.NET, .NET Framework, and Visual Studio...
Security Bulletin: IBM Engineering Systems Design Rhapsody affected by CVE-2024-6763
Summary jetty-http-12.0.9.jar, jetty-server-12.0.9.jar was vulnerable and IBM Engineering Systems Design Rhapsodyhas upgraded JARs to org.eclipse.jetty:jetty-http:12.0.12;org.eclipse.jetty:jetty-server:12.0.12 Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight,...
CVE-2024-41779
IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code...
Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-28167
Summary A flaw in Eclipse OpenJ9 allows malicious code to access static methods and fields in classes before those classes have been initialized. Following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Systems...
Security Bulletin: Apache Log4j (CVE-2021-44228) vulnerability in IBM Engineering Systems Design Rhapsody (Rhapsody)
Summary IBM Engineering Systems Design Rhapsody Rhapsody components, Knowledge Center and Test Conductor are impacted by the Apache Log4j vulnerability CVE-2021-44228. Customers are encouraged to take quick action to apply fix. Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache Log4j...
Security Bulletin: IBM Engineering Systems Design Rhapsody (Rhapsody) is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832, CVE-2021-45046, ) and denial of service due to Apache Log4j (CVE-2021-45105)
Summary There are Remote Attack Vulnerabilities in Apache Log4j CVE-2021-45105, CVE-2021-45046, CVE-2021-44832 which is used by IBM Engineering Systems Design Rhapsody RDM components; Knowledge Center and Test Conductor for logging . The fix includes upgrade to Apache Log4j v2.17.1. Vulnerability...