Malicious code in polymer-afahof-raa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fbc1e133bb03c4b7190a6f3a704073fe7b2ac071e8efa9278c972c4bf98739b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-138625

Malicious code in polymer-afahof-raa npm...

Malicious code in @zalastax/nolb-_raa (npm)

The package @zalastax/nolb-raa was found to contain malicious code...

MAL-2025-10354 Malicious code in @zalastax/nolb-_raa (npm)

The package @zalastax/nolb-raa was found to contain malicious code...

Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Summary Rational Asset Analyzer RAA has addressed the following vulnerability in WebSphere Application Server. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated...

Security Bulletin: Asset Analyzer (RAA) is affected by two WebSphere Application Server vulnerabilities.

Summary Rational Asset Analyzer RAA has addressed the following vulnerabilities in WebSphere Application Server. Vulnerability Details CVEID: CVE-2020-4303 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability...

Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Summary Rational Asset Analyzer RAA has addressed the following vulnerability in WebSphere Application Server. Vulnerability Details CVEID: CVE-2019-12406 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of message attachments present in a...

Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Summary Rational Asset Analyzer RAA has addressed the following vulnerability. IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. Vulnerability Details CVEID: CVE-2019-4305 DESCRIPTION: IBM WebSphere...

Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability

Summary Rational Asset Analyzer RAA has addressed the following vulnerability.BM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. Vulnerability Details CVEID: CVE-2019-4304 DESCRIPTION: IBM WebSphere...

Security Bulletin: Rational Asset Analyzer (RAA) is affected by several WebSphere Application Server vulnerabilities.

Summary Rational Asset Analyzer RAA has addressed the following WebSphere Application Server vulnerabilities. Vulnerability Details CVEID: CVE-2019-9515 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a...

Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Summary Asset Analyzer RAA has addressed the following vulnerability. IBM WebSphere Application Server could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. Vulnerability Details CVEID: CVE-2018-1901 DESCRIPTION: IBM...

Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WAS Liberty vulnerability.

Summary Rational Asset Analyzer has addressed the following vulnerability. IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. Vulnerability Details CVEID: CVE-2018-1683 DESCRIPTION: IBM...

CVE-2016-5967

The IBM Security Bulletin confirms CVE-2016-5967 affects Rational Asset Analyzer 6.1.0 prior to FP10, where the installation/upgrade process could expose the WAS Admin password by reading IM native logs. The vulnerability is local and arises from viewing installation logs, enabling credential dis...

RAA Ransomware Composed Entirely of JavaScript

We’ve already seen ransomware take on many forms this year, but researchers this week claim they’ve noticed a new strain unlike any they’ve seen prior–a type composed entirely of JavaScript. The ransomware, dubbed RAA by researchers, has been circulating through attachments masquerading as Word...