Lucene search
K

2004 matches found

CVE
CVE
added 2018/07/08 3:0 p.m.51 views

CVE-2018-13439

The CVE-2018-13439 entry affects WXPayUtil in the WeChat Pay Java SDK, where the WXPayUtil class is vulnerable to XML External Entity (XXE) attacks via a merchant notification URL. The connected documents confirm XXE exploitation risk and describe the underlying issue as improper XML processing t...

7.5CVSS7.5AI score0.01903EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/07/08 3:0 p.m.25 views

CVE-2018-13439

WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL...

7.5AI score0.01903EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/04 1:36 p.m.40 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Agile Lifecycle Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 Service Refresh 5 Fix Pack 10 and earlier releases used by IBM Agile Lifecycle Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details If you run your own...

8.3CVSS1AI score0.15141EPSS
Exploits0Affected Software1
seebug.org
seebug.org
added 2018/07/04 12:0 a.m.137 views

XXE in WeChat Pay SDK

Background “Mobile payments surge to $9 trillion a year, changing how people shop, borrow—even panhandle”, as WSJ.com once reported. As a payment security researcher, I occasionally found a perilous problem about WeChat Pay which I think may be esay to make use of. Therefore, I hope to be able to...

Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/29 1:38 p.m.30 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems, AIX-based, and Windows-based deployments for IBM PureApplication System

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7, used by the OS Images for IBM PureApplication System. Java 7 is used by IBM Base OS images. These issues were disclosed as part of the IBM Java SDK updates in April 2018. IBM OS Image for Red Hat Lin...

8.3CVSS1AI score0.15141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/29 12:24 p.m.24 views

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM SPSS Analytic Server (CVE-2018-2602, CVE-2018-2634)

Summary An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors, and could cause low confidentiality impact, low integrity impact, and low availability...

6.8CVSS1.6AI score0.04532EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/28 4:41 p.m.30 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM PureApplication System

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7, used by the IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK updates in April 2018 and the following vulnerabilities have been addressed. Vulnerability Details CVEI...

8.3CVSS1AI score0.15141EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2018/06/28 7:15 a.m.21 views

Spoofing Vulnerability

The Azure IoT Device Provisioning AMQP Transport library is vulnerable to spoofing due to improper validation of certificates over the AMQP protocol. The vulnerability affects C SDK, C SDK and Java SDK...

5.6CVSS5.6AI score0.01098EPSS
Exploits0References5Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/25 5:54 a.m.38 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director.

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in October 2016 and January 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified...

7.5CVSS0.9AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/23 4:4 a.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Integration Designer used in IBM Business Process Manager

Summary There are vulnerabilities in IBM SDK Java™ Technology Edition that is used by IBM Integration Designer in IBM Business Process Manager. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-2633 DESCRIPTION: An unspecified...

8.3CVSS1.5AI score0.06905EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/23 2:54 a.m.32 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Integration Designer used in IBM Business Process Manager

Summary There are vulnerabilities in IBM SDK Java™ Technology Edition that is used by IBM Integration Designer in IBM Business Process Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified...

7.4CVSS1AI score0.03966EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 5:47 a.m.51 views

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Storwize V7000 Unified (CVE-2015-0488, CVE-2015-2808, CVE-2015-1916, and CVE-2015-0204)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Storwize V7000 Unified. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEID: CVE-2015-0488 DESCRIPTION: An unspecified...

5CVSS1.3AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 5:47 a.m.37 views

Security Bulletin: Vulnerability in IBM Java SDK affect IBM SONAS (CVE-2015-2808)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SONAS. This issue was disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS...

5CVSS0.9AI score0.74006EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 2:27 a.m.6 views

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server shipped with IBM Security Key Lifecycle Manager April 2018 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager. Vulnerability Details Please consult the security bulletin...

2.7AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 1:40 a.m.54 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Algo One - Core

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.15 and earlier and 8.0.5.7 and earlier and IBM® Runtime Environment Java™ Version 7.0.10.15 and earlier and 8.0.5.7 and earlier used by IBM Algo One - Core. These issues were disclosed as part of the I...

8.3CVSS0.8AI score0.03328EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 1:30 a.m.21 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects Liberty for Java for IBM Cloud April 2018 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in April 2018. These may affect some configurations of IBM WebSphere Application Server...

7.4CVSS0.7AI score0.0541EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:44 a.m.31 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 7 used by IBM Spectrum LSF Analytics. These issues were disclosed as part of the IBM Java SDK updates in April 2018 Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this...

8.3CVSS0.8AI score0.15141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:44 a.m.52 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2800 DESCRIPTION: An unspecified vulnerability in Oracle Jav...

7.7CVSS1AI score0.15141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:43 a.m.40 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions, Version 6 Service Refresh 16 Fix Pack 55 and earlier releases used by IBM Platform Symphony 6.1.1, Version 7 Service Refresh 10 Fix Pack 15 and earlier releases used by IBM Platform Symphony 7.1 Fix Pack 1,...

8.3CVSS0.7AI score0.07525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:42 a.m.47 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, 7.1, and 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-2639 DESCRIPTION: An unspecified vulnerability relat...

8.3CVSS0.8AI score0.07525EPSS
Exploits0Affected Software1
Rows per page
Query Builder