76 matches found
Security Bulletin: Due to the use of IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities
Summary Vulnerabilities found in IBM Db2 LUW that affect Foundation and IBM Tivoli Monitoring ITM pattern Types pTypes shipped with IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System. IBM Cloud Pak System v2.3.6.0 has updated Foundation and ITM pTypes to Foundation versi...
EUVD-2019-14199
Malware in sbrugna...
EUVD-2007-5413
Malware in sbrugna...
EUVD-2007-5415
Malware in sbrugna...
EUVD-2023-53003
Malicious code in bioql PyPI...
CVE-2023-48978
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...
CVE-2023-48978
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...
CVE-2023-48978
CVE-2023-48978 affects NCR ITM Web terminal versions 4.4.0 and 4.4.4. The root cause is improper handling of specially crafted scripts by the IP camera URL component, enabling a remote attacker to execute arbitrary code. The CVSS-3.1 score is 9.8 (CRITICAL) with NETWORK attack vector, no privileg...
CVE-2023-48978
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...
CVE-2023-48978
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...
NCR Atleos ITM Web terminal 安全漏洞
NCR Atleos ITM Web terminal is a web terminal from NCR Atleos, Inc. A security vulnerability exists in NCR Atleos ITM Web terminal versions 4.4.0 and 4.4.4, which stems from improper handling of specially crafted scripts by the IP camera URL component, which could lead to the execution of arbitra...
PT-2025-26604 · Ncr · Ncr Itm Web Terminal
Name of the Vulnerable Software and Affected Versions: NCR ITM Web terminal versions 4.4.0 through 4.4.4 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component. Recommendations: For versions 4.4.0 through 4.4.4, consider...
Security Bulletin: Due to use of IBM® SDK Java™ Technology Edition, IBM Tivoli Monitoring (ITM) components is vulnerable to a local authenticated attacker to bypass security restrictions.
Summary A vulnerabilitiy in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVE-2024-3933 Vulnerability Details CVEID:CVE-2024-3933 DESCRIPTION: Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions,...
CVE-2023-4801
An improper certification validation vulnerability in the Insider Threat Management ITM Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to...
CVE-2023-4828
The CVE-2023-4828 issue affects Proofpoint Insider Threat Management (ITM) Server versions prior to 7.14.3.69. The root cause is an improper check for an exceptional condition, enabling an attacker with valid agent credentials and hostname to reconfigure any registered agent so that future commun...
CVE-2023-4828 ITM Server Communications Hijack
An improper check for an exceptional condition in the Insider Threat Management ITM Server could be used by an attacker to change the server's configuration of any already-registered agent so that the agent sends all future communications to an attacker-chosen URL. This could result in disclosure...
CVE-2023-4803 ITM Server Cross-site Scripting in WriteWindowTitle Endpoint
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management ITM Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69...
CVE-2023-4803 ITM Server Cross-site Scripting in WriteWindowTitle Endpoint
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management ITM Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69...
CVE-2023-4803
CVE-2023-4803 is a reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of Proofpoint ITM Server’s web console. An authenticated administrator can inject and execute arbitrary JavaScript in another web console administrator’s browser. Affected are all ITM Server versions ...
CVE-2023-4802 ITM Server Cross-site Scripting in UpdateInstalledSoftware Endpoint
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management ITM Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to...