44 matches found
EUVD-2020-25476
Malware in sbrugna...
EUVD-2017-10516
Malware in sbrugna...
EUVD-2017-10788
Malware in sbrugna...
EUVD-2014-0918
Malware in sbrugna...
EUVD-2013-5231
Malware in sbrugna...
IBM Maximo Anywhere Encryption Issue Vulnerability
IBM Maximo Anywhere is a next-generation mobile solution from IBM built on the IBM Worklight platform. An encryption vulnerability exists in IBM Maximo Anywhere, which stems from the product's failure to effectively protect program source code. An attacker could obfuscate the source code through...
IBM Maximo Anywhere Information Disclosure Vulnerability (CNVD-2022-56488)
IBM Maximo Anywhere is a set of next-generation mobile solutions built on the IBM Worklight platform from IBM U.S. IBM Maximo Anywhere has an information disclosure vulnerability that could be exploited by attackers to obtain sensitive information...
IBM Maximo Anywhere Encryption Issue Vulnerability (CNVD-2022-12745)
IBM Maximo Anywhere is a next-generation mobile solution from IBM built on the IBM Worklight platform. The solution supports remote access to IBM Maximo Asset Management a comprehensive asset lifecycle and maintenance management solution workflow and asset management via mobile devices. an...
Security Bulletin: Session is not invalidated After Logout
Summary IBM Worklight/MobileFoundation has addressed the following vulnerability.The application does not invalidate the validation cookie when the user logs out from the application Vulnerability Details CVEID: CVE-2020-4229 DESCRIPTION: IBM Worklight does not properly invalidate session cookies...
Security Bulletin: User Credentials submitted using GET method
Summary IBM Worklight/MobileFoundation has addressed the following vulnerability. User Credentials submitted using GET method Vulnerability Details CVEID: CVE-2020-4226 DESCRIPTION: IBM WorkLight stores highly sensitive information in URL parameters. This may lead to information disclosure if...
Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerablility.
Summary IBM Worklight/MobileFoundation has addressed the following vulnerability. WebSphere Liberty susceptible to HTTP2 implementation vulnerablility. Vulnerability Details CVEID: CVE-2019-9515 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack...
Security Bulletin: WebSphere App Server - Out of Memory Exception can cause DOS
Summary IBM Worklight/MobileFoundation has addressed the following vulnerability. WebSphere App Server - Out of Memory Exception can cause DOS Vulnerability Details CVEID: CVE-2019-4046 DESCRIPTION: IBM WebSphere Application Server is vulnerable to a denial of service, caused by improper handling...
Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation
Summary OpenSSL vulnerabilities were disclosed on 30 October 2018 and later by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVE-ID:...
Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation
Summary OpenSSL vulnerabilities were disclosed on APR 16, 2018 onward by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation
Summary OpenSSL vulnerabilities were disclosed on Nov 02, 2017 onward by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: Open Source Apache Cordova Android Vulnerabilities affect IBM Worklight and IBM MobileFirst Platform Foundation
Summary Apache Cordova is an open source framework for mobile development. The Cordova framework is used in all Mobile environments in IBM Workligh and IBM MobileFirst Platform Foundation but this particluar Open Source Apache Cordova vulnerability is affected only for Android platform. Affected...
Security Bulletin: Reflected XSS in IBM Worklight OAuth Server Web Api
Summary A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework. The vulnerable parameter is "scope", if you set as value a "realm"; not defined in authenticationConfig.xml you get an HTTP 403 Forbidden response...
Security Bulletin: Multiple Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Worklight and IBM MobileFirst Platform Foundation
Summary IBM WebSphere Application Server Liberty vulnerabilities have been disclosed by IBM WebSphere Application Server Liberty . IBM WebSphere Application Server Liberty is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194...
Security Bulletin: Vulnerability in Apache Commons affects IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2015-7450)
Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Worklight and IBM MobileFirst Platform Foundation. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrar...