35 matches found
EUVD-2019-13738
Malware in sbrugna...
EUVD-2020-25972
Malware in sbrugna...
EUVD-2018-11966
Malware in sbrugna...
CVE-2020-4725
IBM Monitoring IBM Cloud APM 8.1.4 could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974...
CVE-2020-4725
CVE-2020-4725 affects IBM Cloud APM (IBM Monitoring) 8.1.4. An authenticated user can modify HTML content via a specially crafted HTTP request to the APM UI, potentially misleading another user. Root cause: UI content modification without proper access segregation. Impact is limited to HTML conte...
IBM Monitoring File Tampering Vulnerability
IBM Monitoring is an application service from IBM USA. It provides a cloud monitoring feature. IBM Monitoring suffers from a file tampering vulnerability that allows an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI. No detailed vulnerability...
IBM Monitoring 安全漏洞
IBM Monitoring is an application service from IBM USA. It provides a cloud monitoring feature. IBM Monitoring suffers from a file tampering vulnerability that allows an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI. No detailed vulnerability...
Security Bulletin: A vulnerability in IBM Jazz for Service Management affects IBM Performance Management products (CVE-2016-9975)
Summary IBM Jazz for Service Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. Vulnerability Details CVEID: CVE-2016-9975 DESCRIPTION: IBM Jazz for Service Management ...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-2422 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE Libraries compone...
Security Bulletin: A vulnerability in IBM Websphere Application Server affects the IBM Performance Management product (CVE-2018-1901)
Summary IBM WebSphere Application Server could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. Vulnerability Details CVEID: CVE-2018-1901 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to...
Security Bulletin: A vulnerability in IBM Websphere Application Server affects the IBM Performance Management product (CVE-2019-4046)
Summary IBM WebSphere Application Server is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM Performance Management has addressed the applicable CVE. Vulnerability Details...
Security Bulletin: IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim (CVE-2019-4086)
Summary IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attac...
CVE-2019-4131
IBM Application Performance Management IBM Monitoring 8.1.4 could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270...
CVE-2019-4131
IBM Application Performance Management (IBM Monitoring 8.1.4) is affected by CVE-2019-4131, where a remote attacker could induce the Cloud APM server to perform server-side DNS lookups for arbitrary domain names. Affected products/versions: IBM Cloud Application Performance Management, Base Priva...
Security Bulletin: A vulnerability in IBM WebSphere Application Server OpenID Connect affects IBM Performance Management products
Summary IBM WebSphere Application Server OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execute arbitrary code...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-3139 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsin...
Security Bulletin: Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product
Summary DB2 contains several vulnerabilities which can affect the IBM Performance Management product. Some of the information about security vulnerabilities affecting DB2 has been published in security bulletins. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability...
Security Bulletin: Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product
Summary DB2 contains several vulnerabilities which can affect the IBM Performance Management product. Some of the information about security vulnerabilities affecting DB2 has been published in security bulletins. Vulnerability Details CVEID: CVE-2017-1571 DESCRIPTION: IBM DB2 for Linux, UNIX and...
Security Bulletin: A vulnerability in Apache Derby could affect IBM Performance Management products (CVE-2018-1313)
Summary Apache Derby could allow a remote attacker to bypass security restrictions, caused by improper validation of network packets received. By sending a specially-crafted network packet, an attacker could exploit this vulnerability to boot a database whose location and contents are under the...