7 matches found
Security Bulletin: Vulnerability in Linux kernel may affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerability in Linux Kernel. Vulnerability includes elevation of privileges, as described by the CVE in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-51043 DESCRIPTION: Linux Kernel could allow a local authenticate...
Security Bulletin: Session cookie used by IBM Security Verify Information Queue is not properly secured (CVE-2022-35284)
Summary IBM Security Verify Information Queue ISIQ v10.0.2 does not set the SameSite attribute in the ISIQ session cookie. As a result, any CSRF protections offered by the attribute are disabled. ISIQ v10.0.3 is now correctly setting the SameSite attribute. CVE-2022-35284 Vulnerability Details...
Security Bulletin: IBM Spectrum Protect 8.1.14.000 Server is vulnerable to bypass of security restrictions (CVE-2022-22394)
Summary IBM Spectrum Protect 8.1.14.000 Server could allow a remote attacker to bypass security restrictions due to improper enforcement of access controls. Vulnerability Details CVEID: CVE-2022-22394 DESCRIPTION: The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j
Summary IBM Watson Discovery for IBM Cloud Pak for Data ships with versions of Apache Log4j vulnerable to serialization gadgets. Vulnerability Details CVEID: CVE-2019-17571 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper...
Security Bulletin: Vulnerability in IBM Java Runtime affects IBM MQ Light (CVE-2016-3485)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 and earlier releases that is used by IBM MQ Light. This issue was disclosed as part of the IBM Java SDK updates in July 2016. IBM MQ Light 1.0.6 has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-348...
IBM Lotus Quickr for Domino ActiveX控件缓冲区溢出漏洞
BUGTRAQ ID: 65191 CVECAN ID: CVE-2013-6748 IBM Lotus Quickr是一款团队协作软件,能够帮助访问人员、信息和完成任务所需的项目材料。 IBM Lotus Quickr for Domino 8.5.1版本中,qp2.cab内的ActiveX控件存在缓冲区溢出漏洞,可使远程攻击者通过特制的HTML文档,利用此漏洞执行任意代码。 0 IBM Lotus Quickr for Domino 8.5.1 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
IBM DB2 Unspecified Vulnerability (Linux)
The host is installed with IBM DB2 and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbibmdb2unspesifiedvulnlin.nasl 7113 2017-09-13 06:03:30Z cfischer $ IBM DB2 Unspecified Vulnerability Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH,...