10 matches found
Security Bulletin: Oracle Outside In Technology (OIT) Security Vulnerabilities - July 2024
Summary Oracle Outside In Technology OIT Security Vulnerabilities CVE-2023-45853 and CVE-2023-52425 - Resolved in July 2024 Oracle OIT v8.5.7 BP3 p36705510 Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer...
Security Bulletin: ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager (FNCM) Content Search Services (CSS)
Summary ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager FNCM Content Search Services CSS Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By...
Security Bulletin: FileNet Content Manager GraphQL jackson-databind security vulnerabilities, affected but not vulnerable
Summary FileNet Content Manager GraphQL jackson-databind security vulnerabilities CVE-2022-42003 and CVE-2022-42004, affected but not vulnerable Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to HTTP header injection (CVE-2022-34165) in FileNet Content Manager containers
Summary IBM WebSphere Application Server is vulnerable to HTTP header injection when processing web requests. This has been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|---...
Security Bulletin: Apache Tika security vulnerabilities found during Open Source Scan in IBM Content Collector for email in Content Search Services (affected, not vulnerable)
Summary Apache Tika security vulnerabilities found during Open Source Scan in IBM Content Collector for email in Content Search Services in Apache Tika v1.28.2 and prior Vulnerability Details CVEID:CVE-2022-30126 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by a regular...
Security Bulletin: Apache Derby security vulnerabilities in IBM System Dashboard for Enterprise Content Manager (affected, not vulnerable)
Summary Apache Derby security vulnerabilities in IBM System Dashboard for Enterprise Content Manager affected, not vulnerable Vulnerability Details CVEID:CVE-2018-1313 DESCRIPTION: Apache Derby could allow a remote attacker to bypass security restrictions, caused by improper validation of network...
Security Bulletin: Apache commons-compress security vulnerabilities in IBM Content Manager
Summary Apache commons-compress security vulnerabilities in IBM Content Navigator ICN toolkit affecting Administration Console for Content Platform Engine ACCE Vulnerability Details CVEID: CVE-2021-35516 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an...
Security Bulletin: FileNet Content Manager is affected by a HTTP Client vulnerability
Summary FileNet Content Manager has addressed the following HTTP Client v3.0.1 and v4.0.1 vulnerability. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, could allow a remote...
Security Bulletin: WebSphere security vulnerability in IBM Content Foundation on Cloud
Summary IBM WebSphere Application Server Network Deployment security vulnerability in Content Platform Engine Container Vulnerability Details CVEID: CVE-2020-4421 DESCRIPTION: IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoo...
Security advisory about Qt for Android
Two vulnerabilities have been identified in Qt for Android which could be used by a malicious application to hijack an existing Qt for Android application on the same device. The vulnerabilities in question were found by Satoru Nagaoka from Cyber Defense Institute, Inc., and have been assigned th...