EUVD-2015-2090

Malware in sbrugna...

EUVD-2015-7344

Malware in sbrugna...

CVE-2024-50800

Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL...

CVE-2024-50800

Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL...

CVE-2024-50800

Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL...

PT-2024-34411 · Unknown · M2000 Smart4Web

Name of the Vulnerable Software and Affected Versions: M2000 Smart4Web versions prior to 5.020241004 Description: The issue allows a remote attacker to execute arbitrary code via the error parameter in the URL. This is a Cross Site Scripting vulnerability, which can lead to the execution of...

CVE-2024-50800

CVE-2024-50800 affects M2000 Smart4Web prior to v5.020241004. The issue is a Cross Site Scripting vulnerability in which an attacker can execute arbitrary code via the URL’s error parameter, remotely. The base metrics indicate a network-exposed, low-privilege, user-interaction-required, partial i...

CVE-2024-50800

Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL...

Foba Fiber Laser Marking Machine M2000

Binary data 764786.prm...

Security Bulletin: Vulnerability in OpenSSL affects IBM MQ Appliance (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM MQ Appliance uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when processing...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM WebSphere MQ (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM WebSphere MQ. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

Security Bulletin: Vulnerabilities in GSKit affect IBM WebSphere MQ (CVE-2015-0159, CVE-2015-0138 and CVE-2014-6221)

Summary GSKit is an IBM component that is used by IBM WebSphere MQ. The GSKit that is shipped with IBM WebSphere MQ contains multiple security vulnerabilities including the "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. Vulnerability Details CVEID:...

Command injection

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted 1 Disaster Recovery or 2 High Availability command...

IBM MQ M2000 Appliance Information Disclosure Vulnerability

The IBM MQ M2000 Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM USA. A security vulnerability exists in queue manager in IBM MQ M2000 Appliance versions prior to 8.0.0.4. A local attacker can exploit this vulnerability by leveraging the...

IBM MQ M2000 Appliance GSKit Privilege Access Control Vulnerability

GSKit on IBM MQ M2000 appliancesIBM MQ M2000 Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM, U.S.A. GSKit is a set of security management tools. A security vulnerability exists in GSKit in IBM MQ M2000 Appliance versions prior to 8.0.0....

IBM MQ M2000 Appliance GSKit Information Disclosure Vulnerability

The IBM MQ M2000 Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM, USA.GSKit is a set of security management tools within it. A security vulnerability exists in GSKit in IBM MQ M2000 Appliance versions prior to 8.0.0.4. A remote attacker...

CVE-2015-1985

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file...

Design/Logic Flaw

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file...

CVE-2015-1985

Affected product: IBM MQ Appliance M2000. Vulnerability: local attacker with read authority can bypass password and read private keys by exploiting the stash file in versions prior to 8.0.0.4. Root cause: stash-file presence enabling unauthorized access to key material. Impact: potential exposure...

CVE-2015-1985

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file...