Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility and Mobile Enterprise Gateway (MEG) affected by multiple vulnerabilities (CVE-2024-21907, CVE-2023-39017, CVE-2024-40642, CVE-2015-2325)

Summary Vulnerabilities contained within newtonsoft.json 3rd party components were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility. Vulnerabilities contained within Netty 3rd party components were addressed in the IBM MaaS360 Mobile Enterprise Gateway MEG Module...

Security Bulletin: IBM MaaS360 Mobile Enterprise Gateway and VPN Module affected by multiple vulnerabilities

Summary A vulnerability contained within Open SSL was addressed in the IBM MaaS360 Cloud Extender VPN Module. Vulnerabilities contained within Spring Framework and Eclipse Jetty a 3rd party component were addressed in the IBM MaaS360 Mobile Enterprise Gateway MEG. Vulnerability Details...

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway, Configuration Utility, VPN, Certificate and Base Module affected by multiple vulnerabilities

Summary Vulnerabilities contained within libcurl a 3rd party component and Open SSL were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Certificate, VPN and Base Modules. Vulnerabilities contained within Netty a 3rd party component were addressed in the IBM MaaS360 Mobi...

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway and VPN module have multiple vulnerabilities (CVE-2021-22060, CVE-2022-22950, CVE-2022-0547, CVE-2022-0778, CVE-2022-22965)

Summary Vulnerabilities contained within 3rd party components were identified and remediated in the IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway and MaaS360 VPN module. Vulnerability Details CVEID: CVE-2021-22060 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote...

Security Bulletin: IBM MaaS360 Cloud Extender Configuration Utility and Mobile Enterprise Gateway have vulnerability (CVE-2021-43797)

Summary A vulnerability contained within a 3rd party component was identified and remediated in the IBM MaaS360 Mobile Enterprise Gateway and MaaS360 Cloud Extender Configuration Utility module. Vulnerability Details CVEID: CVE-2021-43797 DESCRIPTION: Netty is vulnerable to HTTP request smuggling...

Security Bulletin: IBM MaaS360 Mobile Enterprise Gateway vulnerable to denial of service (CVE-2020-11612)

Summary A vulnerability was identified and remediated in the IBM MaaS360 Mobile Enterprise Gateway Vulnerability Details CVEID: CVE-2020-11612 DESCRIPTION: Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoder...

Security Bulletin: IBM MaaS360 Mobile Enterprise Gateway has security vulnerabilities (CVE-2019-2044, CVE-2019-2045)

Summary Two vulnerabilities were identified and remediated in the IBM MaaS360 Mobile Enterprise Gateway. Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the...

Reddit Gold: Alice and Bob, Caught in a Web of Lies

Alice and Bob, the beloved or not-so-beloved, depending placeholder characters often used in cryptography examples, have been spotted in the middle of a web of deceit and intrigue by eagle-eyed Redditers. Think lies. Broken hearts. Even…murder. Yep, you heard that right. It all starts with the...

Sybase Unwired Platform本地安全绕过漏洞

Bugtraq ID: 49114 Sybase Unwired Platform是一款移动企业应用程序平台，可支持快捷地开发移动应用程序，以使企业用户能够利用多种移动设备安全地访问广泛的业务数据。 RIM黑莓设备平台上的Sybase Unwired Platform包含一个安全漏洞，其设备数据库在某些条件下没有正确加密。恶意物理能访问的用户可绕过某些安全限制。 Sybase Unwired Platform 2.0 Sybase Unwired Platform 1.5.5 Sybase Unwired Platform 1.5.3 Sybase Unwired Platform...