21 matches found
XenServer Security Update for CVE-2025-27465
Severity: Medium Description of Problem An issue has been identified in XenServer 8.4 that may allow privileged code in a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2025-27465 Affected Versions This issue affects XenServer 8.4. Note th...
Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Engineering Lifecycle Optimization - Publishing
Summary There is a vulnerability in Apache Log4j (CVE-2021-44228), which is used by "IBM Engineering Lifecycle Optimization - Publishing (PUB)" and "Rational Publishing Engine (RPE)." Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary...
Security Bulletin: Apache Log4j vulnerability is affecting IBM Engineering Requirements Management DOORS
Summary There is a vulnerability in Apache Log4j (CVE-2021-44228) that is affecting IBM Engineering Requirements Management DOORS. This only affects customers who install the knowledge center on their computer. The IBM Engineering Requirements Management DOORS Server Windows installer contains the...
Citrix Hypervisor Security Update
Description of Problem Two security issues have been identified in Citrix Hypervisor (formerly Citrix XenServer) that may allow privileged code in a guest VM to cause the host to crash or become unresponsive. These issues affect all currently supported versions of Citrix Hypervisor up to and...
Security Bulletin: IBM Cloud Pak for Integration is affected by multiple Go vulnerabilities
Summary IBM Cloud Pak for Integration is vulnerable to Go CVE-2020-28366, CVE-2020-28362, CVE-2020-28367 Vulnerability Details CVEID: CVE-2020-28366 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a code injection flaw in go command when cgo...
CVE-2019-11634 - Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows
Description of Problem A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced, allowing an attacker read/write access to the client's local drives, which could enable code execution on the client...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i and Rational Developer for AIX and Linux - October 2019
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by Rational Developer for i and Version 7 that is used by Rational Developer for AIX and Linux. These issues were disclosed as part of the IBM Java SDK updates in October 2019. Vulnerability...
Security Bulletin: IBM Resilient SOAR could allow a privileged user to inject malicious commands through Python3 scripting (CVE-2020-4636).
Summary It was possible for a privileged user to inject malicious commands through Python3 scripting, using the sys module, in a Beta version of Resilient. Vulnerability Details CVEID: CVE-2020-4636 DESCRIPTION: IBM Resilient could allow a privileged user to inject malicious commands through...
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - OkHttp 3.x (CVE-2018-20200)
Summary CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. Vulnerability Details CVEID: CVE-2018-20200 DESCRIPTION: DISPUTED CertificatePinner.java in...
Security Bulletin: IBM Resilient users may experience a denial of service of the SOAR Platform due to insufficient input validation (CVE-2019-4579)
Summary IBM Resilient users may experience a denial of service of the SOAR Platform if a form field contains extremely large data in a POST, PUT, or PATCH HTTP request. Vulnerability Details CVEID: CVE-2019-4579 DESCRIPTION: IBM Resilient OnPrem uses incomplete blocklisting for input validation...
Citrix ShareFile storage zones Controller multiple security updates
Description of Problem Security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving an attacker the ability to access...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2020 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Applicatio...
Security Bulletin: Apache Commons Collections library in WebSphere Application Server Knowledge Center is vulnerable in IBM Cloud (CVE-2015-7450)
Summary The Knowledge Center Component used in Version 9 of the WebSphere Application Server needs an updated Apache Commons Collections library. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2019 CPU
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These may affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application...
Unable to Launch Applications or Desktops Using HTTPS URL via Workspace App for HTML5
When using StoreFront or Cloud Workspace with Workspace App for HTML5 through an HTTPS URL, applications and desktops cannot be started. One of the following error messages is displayed: “Cannot create a secure connection in this browser. Refer to the Citrix Knowledge Center article CTX134123.”...
prnewswire.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-444514. Affected Website: prnewswire.co.uk. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
ironmountain.ch XSS vulnerability
Vulnerable URL: http://www.ironmountain.ch/de/Knowledge-Center/Reference-Library/Search-Result.aspx?topic=%22%3E%3Csvg/onload=window.onerror=alert;throw/OPENBUGBOUNTY/%3E0=teubieni Details: Patched: No. Latest check for patch: 30.07.2017. Vulnerability type: XSS...
Jawahar Knowledge Center website Hacked & Database leaked by PCA
Jawahar Knowledge Center website Hacked & Database leaked by PCA. Pakistan Cyber Army (PCA) admin Shak hacked the website of Jawahar Knowledge Center. They released the database backup, which is available for download at . The database includes the password, surname, name, designation, address, phone,...
Jawahar Knowledge Center website Hacked & Database leaked by PCA
Jawahar Knowledge Center website Hacked & Database leaked by PCA. Pakistan Cyber Army (PCA) admin Shak hacked the website of Jawahar Knowledge Center https://www.ieg.gov.in/ . They released the database backup, which is available for download at https://www.multiupload.com/IFLRXDT53W . The database...
Citrix Presentation Server heap based buffer overflow
Overview A heap-based buffer overflow in Citrix Presentation Server may allow a remote attacker to execute arbitrary code on a vulnerable system in the context of the system user. Description Citrix Presentation Server is an application delivery system providing access to users across a network...