[SECURITY] Fedora 36 Update: yggdrasil-0.2.98^1.ffb580f-0.3.20220127gitffb580f.fc36

yggdrasil is a client daemon that establishes a receiving queue for instructi ons to be sent to the system via a broker...

IBM Security Verify Information Queue Information Disclosure Vulnerability (CNVD-2022-54888)

IBM Security Verify Information Queue using the acronym "ISIQ" is a cross-product integrator that uses Kafka technology and a publish/subscribe model to integrate data between IBM Security products. Security Verify Information Queue is vulnerable to information disclosure in version 10.0.2. An...

CVE-2022-34558

WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...

PYSEC-2022-43163

WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...

PYSEC-2022-43174

WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...

PYSEC-2022-43136

WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...

IBM Security Verify Information Queue Cross-Site Request Forgery Vulnerability (CNVD-2022-54907)

IBM Security Verify Information Queue is an integration product from IBM USA. It utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A cross-site request forgery vulnerability exists in IBM Security Verify Information Queue version 10.0.2, whic...

DEBIAN-CVE-2022-36946

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...

AZL-10440 CVE-2022-36946 affecting package kernel for versions less than 5.15.67.1-4

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...

IBM Security Verify Information Queue Cross-Site Request Forgery Vulnerability (CNVD-2022-55633)

IBM Security Verify Information Queue is an integration product from IBM of America, Inc. IBM Security Verify Information Queue version 10.0.2 contains a cross-site request forgery vulnerability that originates when a WEB application does not adequately verify that a request is from a trusted use...

IBM Security Verify Information Queue Trust Management Issue Vulnerability

IBM Security Verify Information Queue is an integration product from IBM of America, Inc. IBM Security Verify Information Queue version 10.0.2 is vulnerable to a trust management issue stemming from its use of hard-coded credentials used for inbound authentication, outbound communication to...

IBM Security Verify Information Queue Information Disclosure Vulnerability (CNVD-2022-55635)

IBM Security Verify Information Queue is an integration product from IBM of America, Inc. Leverages Kafka technology and a publish/subscribe model to integrate data between IBM Security products. IBM Security Verify Information Queue version 10.0.2 is vulnerable to an information disclosure...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.18.14 and earlier, which stems from nfqnlmangle in net/netfilter/nfnetlinkqueue.c that allows a remote attacker to cau...

CVE-2022-35286

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814...

CVE-2022-35286

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814...

Cross site request forgery (csrf)

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814...

CVE-2022-35286

CVE-2022-35286 affects IBM Security Verify Information Queue (ISIQ) 10.0.2. The vulnerability is a cross-site request forgery (CSRF) in the web UI that could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The root cause relates to insufficient request ve...

IBM Security Verify Information Queue 跨站请求伪造漏洞

IBM Security Verify Information Queue is an integration product from IBM USA. It utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A cross-site request forgery vulnerability exists in IBM Security Verify Information Queue version 10.0.2, whic...

Security Bulletin: IBM Security Verify Information Queue web UI is vulnerable to cross-site request forgery (CVE-2022-35286)

Summary IBM Security Verify Information Queue ISIQ may be vulnerable to cross-site request forgery. The code has been updated to address the issue. Vulnerability Details CVEID:CVE-2022-35286 DESCRIPTION: IBM Security Verify Information Queue is vulnerable to cross-site request forgery which could...

CVE-2022-35288

IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 230818...