Lucene search
K

405 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 5:18 p.m.18 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server, used by Master Data Management, is vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. This has been addressed in the remediation section. Vulnerability Details...

5.3CVSS5.1AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 5:16 p.m.22 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185. Vulnerability Details...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 7:1 p.m.30 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management (CVE-2023-30441)

Summary IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations within WebSphere Application Server used by Master Data Management. Vulnerability Details CVEID:CVE-2023-30441 DESCRIPTION: IB...

7.5CVSS7.5AI score0.00609EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 6:51 p.m.19 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

7.2AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 1:56 a.m.43 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM Master Data Management is affected by vulnerablity in IBM WebSphere Application Server being vulnerable to cross-site scripting in the Admin Console when using the Application Migration Report function. This has been addressed. Vulnerability Details CVEID:CVE-2022-40750 DESCRIPTION: I...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/11 9:10 p.m.46 views

Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM WebSphere Application Servers used by IBM Master Data Management (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere...

5.3CVSS6.2AI score0.03458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/11 6:26 p.m.46 views

Security Bulletin: Security vulnerability in Apache CXF affects IBM InfoSphere Master Data Management

Summary By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...

6.1CVSS6.1AI score0.42993EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 4:7 p.m.7 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Master Data Management

Summary Java SE issues disclosed in the Oracle July 2022 Critical Patch Update could affect IBM Master Data Management. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- InfoSphere Maste...

6.7AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 3:46 p.m.23 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server is vulnerable to information disclosure. IBM WebSphere Application Server 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attac...

5.3CVSS4.5AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 3:7 p.m.30 views

Security Bulletin: Security vulnerabilities have been identified in IBM® SDK, Java™ Technology Edition used in IBM WebSphere Application Server used by IBM Master Data Management

Summary CVE-2022-21299 was disclosed as part of the Oracle January 2022 Critical Patch Update. An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack...

5.3CVSS5.5AI score0.03458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 2:51 p.m.28 views

Security Bulletin: Security vulnerabilities have been identified in IBM® SDK, Java™ Technology Edition used in IBM WebSphere Application Server and used by IBM Master Data Management

Summary CVE-2021-35561 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service...

5.3CVSS5.7AI score0.06468EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/01/09 12:0 a.m.5 views

Talend Open Studio for MDM 代码问题漏洞

Talend Open Studio for MDM is an open source software from Talend Open Source. It provides master data management, data management, integration and data quality in a single platform. A code issue vulnerability exists in Talend Open Studio for MDM that stems from unknown code in the component XML...

9.8CVSS6.3AI score0.00669EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/28 12:0 a.m.4 views

Talend Open Studio for MDM 代码问题漏洞

Talend Open Studio for MDM is an open source software from Talend Open Source. It provides master data management, data management, integration and data quality in a single platform. A code issue vulnerability exists in Talend Open Studio for MDM, which stems from a problem with an unknown functi...

5.5CVSS5.6AI score0.00522EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/28 12:0 a.m.5 views

PT-2022-28117 · Talend · Talend Open Studio For Mdm

Name of the Vulnerable Software and Affected Versions: Talend Open Studio for MDM versions prior to 20221220 1938 Description: A vulnerability was found in Talend Open Studio for MDM, affecting an unknown functionality of the file...

5.5CVSS5.8AI score0.00522EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 2:43 p.m.13 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server which is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web...

5.9CVSS5.8AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 2:27 p.m.22 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by vulnerbility in IBM WebSphere Application Server to a server-side request forgery vulnerability. This has been addressed. Vulnerability Details CVEID:CVE-2022-35282 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is...

6.5CVSS5AI score0.00312EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 1:56 p.m.19 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server vulnerability to cross-site scripting in the Admin Console. This has been addressed. Vulnerability Details CVEID:CVE-2022-34336 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is...

5.4CVSS5.4AI score0.00412EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 2:44 p.m.28 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

6.1CVSS5.9AI score0.00495EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.31 views

Security Bulletin: IBM InfoSphere Master Data Management Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract API Documentation contains a frame injection vulnerability Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.4AI score0.66817EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.42 views

Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management – Java CPU Feb 2013 (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract Multiple security vulnerabilities exist in the IBM Java SDK shipped with IBM WebSphere Application Server that affects IBM InfoSphere Master Data Management versions 10.0.0, 10.1.0,and 11.0.0 Content VULNERABILITY DETAILS: CVE-2013-0440 - Unspecified vulnerability in Java Runtime...

5CVSS0.7AI score0.35584EPSS
Exploits2Affected Software2
Rows per page
Query Builder