
112 matches found

IBM Security Bulletins
added 2019/07/10 3:40 p.m., 45 views

Security Bulletin: IBM QRadar SIEM is vulnerable to a publicly disclosed vulnerability in Spring Framework (CVE-2018-15756)

Summary: Open source Spring Framework as used in IBM QRadar SIEM is vulnerable to a denial of service. Vulnerability Details: CVEID: CVE-2018-15756. Description: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the...

CVSS 7.5 | AI score 0.8 | EPSS 0.20127
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2019/07/10 3:40 p.m., 21 views

Security Bulletin: IBM QRadar SIEM is vulnerable to cross site scripting (XSS) (CVE-2019-4211)

Summary: IBM QRadar SIEM is vulnerable to cross site scripting (XSS). Vulnerability Details: CVEID: CVE-2019-4211. Description: IBM QRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

CVSS 5.4 | AI score 1.2 | EPSS 0.00174
Exploits: 0 | Affected Software: 1

Saint
added 2019/06/06 12:00 a.m., 262 views

Zimbra Collaboration Suite ProxyServlet Server Side Request Forgery

Added: 06/06/2019. CVE: CVE-2019-9621. Background: Zimbra Collaboration Suite is an email, calendar, and collaboration solution for enterprises. Problem: The ProxyServlet component allows a remote attacker to upload arbitrary files, which can then be executed, using XML External Entity injection and...

CVSS 7.5 | AI score 8 | EPSS 0.94113
Exploits: 10

CNVD
added 2019/05/31 12:00 a.m., 2 views

Zimbra Web Client (ZWC) Cross-Site Scripting Vulnerability

Zimbra Collaboration Suite (ZCS) is an open source collaboration suite from the American company Zimbra. The product includes WebMail, Calendar, Address Book, etc. Zimbra Web Client (ZWC) is one of its e-mail client programs. A cross-site scripting vulnerability exists in the briefcase component of ZW...

CVSS 6.1 | AI score 6.3 | EPSS 0.0062
Exploits: 0 | References: 1

Cvelist
added 2019/05/30 5:07 p.m., 11 views

CVE-2018-14425

There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1...

AI score 6.1 | EPSS 0.0062
Exploits: 0 | References: 2

IBM Security Bulletins
added 2019/04/17 4:50 p.m., 20 views

Security Bulletin: IBM QRadar SIEM is vulnerable to Information Exposure (CVE-2018-1729)

Summary: The product discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. Vulnerability Details: CVEID: CVE-2018-1729. Description: IBM QRadar discloses sensitive information to unauthorized users. The information can be used to...

CVSS 5.3 | AI score 1.5 | EPSS 0.00191
Exploits: 0 | Affected Software: 1

Veeam
added 2019/04/10 3:25 p.m., 12 views

Veeam Availability Console v3 Patch 1 (build 2703)

Challenge: Veeam Availability Console v3 Patch 1 (build 2703). Cause: Please confirm you are running version 3.0.0.2647 prior to installing this Patch 1. You can check this under Windows Programs and features. After upgrading, your build will be version 3.0.0.2703. Note: This patch needs to be install...

AI score 6.8
Exploits: 0

Tenable Nessus
added 2019/03/08 12:00 a.m., 22 views

EMC RSA Authentication Manager < 8.4 P1 Insecure Credential Management (DSA-2019-038)

The version of EMC RSA Authentication Manager running on the remote host is prior to 8.4 Patch 1. It is, therefore, affected by an insecure credential management vulnerability in the operations console components. An authenticated, remote attacker with administrator privileges can exploit this, t...

CVSS 7.2 | AI score 6.7 | EPSS 0.01165
Exploits: 0 | References: 2

IBM Security Bulletins
added 2018/06/16 9:30 p.m., 24 views

Security Bulletin: IBM QRadar SIEM is vulnerable to shell command injection vulnerability in the admin panel. (CVE-2015-4930, CVE-2015-2016)

Summary: IBM QRadar SIEM is vulnerable to a shell command injection in the admin panel if logged in as an admin user. Vulnerability Details: CVE-ID: CVE-2015-4930. Description: IBM QRadar could allow a user authenticated with admin access, to execute commands on the server as root. CVSS Base Score:8...

CVSS 9 | AI score 1.1 | EPSS 0.02384
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/16 9:30 p.m., 18 views

SECURITY BULLETIN: Webmin as used in IBM QRadar SIEM is vulnerable to Execute code as root. (CVE-2015-2011)

Summary: The xmlrpc.cgi Webmin script allows arbitrary command execution and escalation of privileges. Vulnerability Details: CVE-ID: CVE-2015-2011. Description: IBM QRadar could allow an authenticated user to execute code as root. CVSS Base Score: 8.5. CVSS Temporal Score: See...

CVSS 9 | AI score 1.4 | EPSS 0.01027
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/16 9:19 p.m., 18 views

Security Bulletin: SQL Injection and Incorrect Handling of SSH Connection vulnerability in QRadar (CVE-2014-4824, CVE-2014-4826)

Summary: IBM QRadar 7.2 MR2 contains SQL Injection and Incorrect Handling of SSH Connection vulnerabilities. Vulnerability Details: CVE ID: CVE-2014-4824. DESCRIPTION: IBM QRadar is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the...

CVSS 6.5 | AI score 0.9 | EPSS 0.00314
Exploits: 0 | Affected Software: 1

Cvelist
added 2018/05/30 9:00 p.m., 13 views

CVE-2015-7610

Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF...

AI score 9.1 | EPSS 0.06222
Exploits: 0 | References: 7

Debian
added 2018/04/16 11:15 a.m., 31 views

[SECURITY] [DLA 1348-1] patch security update

Package: patch. Version: 2.6.1-3+deb7u1. CVE ID: CVE-2018-1000156. Debian Bug: 894993. It was discovered that there was an input validation vulnerability in the patch(1) utility where an ed(1) script embedded in a regular input file could result in arbitrary code execution. This was reported by Rache...

CVSS 7.8 | AI score 8.3 | EPSS 0.36762
Exploits: 0

Tenable Nessus
added 2017/11/03 12:00 a.m., 65 views

HP ArcSight ESM 6.x < 6.9.1.2377.4 / 6.11.0.2385.1 Multiple Vulnerabilities

According to its self-reported version number, the version of HP ArcSight Enterprise Security Manager (ESM) installed on the remote host is 6.x prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. It is, therefore, affected by multiple vulnerabilities. See advisory for details. C Tenable Network Security, In...

CVSS 9.8 | AI score 6.4 | EPSS 0.00527
Exploits: 0 | References: 13

NVD
added 2017/09/30 1:29 a.m., 9 views

CVE-2017-13991

An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features...

CVSS 5.3 | AI score 6.2 | EPSS 0.00406
Exploits: 0 | References: 2

Prion
added 2017/09/30 1:29 a.m., 8 views

Cross site scripting

A reflected Cross-Site Scripting (XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system...

CVSS 4.3 | AI score 6.1 | EPSS 0.00362
Exploits: 0 | References: 2 | Affected Software: 2

0day.today
added 2017/07/14 12:00 a.m., 38 views

RSA Authentication Manager 8.2 SP1 Cross Site Scripting Vulnerability

RSA Authentication Manager versions 8.2 SP1 and below suffer from a stored cross site scripting vulnerability. RSA Authentication Manager Stored Cross-Site Scripting Vulnerability. CVE Identifier: CVE-2017-8000. Severity Rating: CVSSv3: 4.1 AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N. Affected Products: RS...

CVSS 3.5 | EPSS 0.00254
Exploits: 1

NVD
added 2017/04/20 5:59 p.m., 17 views

CVE-2016-5761

Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email...

CVSS 6.1 | AI score 6 | EPSS 0.00397
Exploits: 1 | References: 6

Japan Vulnerability Notes
added 2017/01/23 8:57 a.m., 1 views

Arbitrary file upload vulnerability in GigaCC OFFICE

Overview: GigaCC OFFICE provided by WAM!NET Japan K.K. contains a vulnerability where arbitrary files may be uploaded. WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and WAM!NET Japan K.K. coordinated...

CVSS 6.5 | AI score 6.8 | EPSS 0.00455
Exploits: 0 | References: 4

Tenable Nessus
added 2016/08/12 12:00 a.m., 21 views

FreeBSD : FreeBSD -- shell injection vulnerability in patch(1) (0c6759dd-600a-11e6-a6c3-14dae9d210b8)

Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to run commands in addition to the desired SCCS or RCS commands. Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch(1) against a specially crafted...

CVSS 9.3 | AI score 7.4 | EPSS 0.00878
Exploits: 0 | References: 2