CVE-2022-22325

IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853...

Jenkins allows Unauthorized Viewing of Queue API Information

Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api...

GHSA-5XMF-9VGR-53MJ Jenkins allows Unauthorized Viewing of Queue API Information

Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api...

IBM MQ for HPE NonStop 信息泄露漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. An information disclosure vulnerability exists in IBM MQ for HPE NonStop version 8.1.0, which can be exploited b...

Vulnerabilities fixed in IBM MQ

IBM has fixed multiple vulnerabilities in supporting software supplied with IBM MQ. The vulnerabilities are in Java, Eclipse Jetty and Websphere Liberty and were previously fixed in the individual products. A malicious party could potentially exploit the vulnerabilities to cause a...

The vulnerability of the print spooler daemon on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows Print Spooler in operating systems related to the print queue is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

IBM Robotic Process Automation Licensing Issue Vulnerability

IBM Robotic Process Automation is a robotic process automation product from IBM Corporation. IBM Robotic Process Automation version 21.0.1 contains an authorization issue vulnerability that stems from the application's lack of privilege restrictions on queue deletion, which could be exploited by ...

kernel: RDMA/rxe: Return CQE error if invalid lkey was supplied

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCALWRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitly wrong lkey. leonro@...

kernel: dm rq: don't queue request to blk-mq during DM suspend

In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updating nrrequests or...

kernel: igc: avoid kernel warning when changing RX ring parameters

In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: 225.198467 ------------ cut here...

kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd

A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver amdkfd within the drm subsystem. When either getnumsdmaqueues or getnumxgmisdmaqueues returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C an...

a2 (>=0.5.0-alpha.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +425 more potentially affected by unknown CVE via crossbeam-queue (>=0.1.2 <=0.2.0)

crossbeam-queue CARGO version =0.1.2, =0.5.0-alpha.6, =0.0.2, =0.0.1, =0.1.0-alpha.2, =0.1.5, =0.12.0, =0.5.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0021...

CVE-2022-22319

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366...

CVE-2022-22319

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366...

CVE-2022-22319

IBM Robotic Process Automation 21.0.1 contains an authorization issue: a registered user can delete a queue, disrupting scripts dependent on that queue. The root cause is lack of privilege restrictions on queue deletion. A fix is available: upgrade to IBM Robotic Process Automation 21.0.1.2 or hi...

CVE-2022-22319

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366...

IBM Robotic Process Automation 安全漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM Corporation. IBM Robotic Process Automation version 21.0.1 contains an authorization issue vulnerability that stems from the application's lack of privilege restrictions on queue deletion, which could be exploited by ...

PT-2022-15358 · Ibm · Ibm Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation version 21.0.1 Description: The issue allows a registered user on the system to physically delete a queue, which could cause disruption for any scripts dependent on the queue. Recommendations: For IBM Robotic...

CVE-2022-22319

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366...

Cross-site request forgery in Apache ActiveMQ

Cross-site request forgery CSRF vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action...