1072 matches found
PT-2026-25345
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
IBM Sterling Partner Engagement Manager 安全漏洞
IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the risk that attackers may use expired access...
IBM Sterling Partner Engagement Manager 安全漏洞
IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the possibility of sensitive information being...
PT-2026-25340
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
IBM Sterling Partner Engagement Manager 安全漏洞
IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the possibility that attackers could extract...
IBM Sterling Partner Engagement Manager 安全漏洞
IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from cross-site scripting attacks, which may allow...
PT-2026-25346
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
PT-2026-25347
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...
PT-2026-25348
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Partner Engagement Manager
Summary Multiple vulnerabilities were addressed in IBM Sterling Partner Engagement Manager versions 6.2.3.6 and 6.2.4.3. Vulnerability Details CVEID:CVE-2016-1000338 DESCRIPTION: In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on...
Exploiting PendingIntent Provenance Confusion to Spoof Android SDK Authentication
A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain Security as the second most critical mobile risk, explicitly...
PT-2026-22008
Name of the Vulnerable Software and Affected Versions ServiceNow affected versions not specified Description A remote code execution issue exists within the ServiceNow AI platform. An unauthenticated user, under specific conditions, could potentially execute code within the ServiceNow Sandbox...
Flickr Notifies Users of Data Breach After External Partner Security Flaw
Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,…...
CVE-2025-15338
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...
CVE-2025-15338
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...
CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration.
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...
CVE-2025-15338
The CVE-2025-15338 entry concerns Tanium Partner Integration with an incorrect default permissions issue. Affected component: Tanium Partner Integration. Root cause/impact per the sources: the vulnerability is described as an incorrect default permission problem, with a CVSSv3.1 base score of 6.5...
EUVD-2025-206847
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...
CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration.
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...
CVE-2025-15338
Tanium addressed an incorrect default permissions vulnerability in Partner Integration...