50 matches found
EUVD-2018-12112
Malware in sbrugna...
EUVD-2018-12113
Malware in sbrugna...
EUVD-2016-3987
Malware in sbrugna...
EUVD-2019-14038
Malware in sbrugna...
EUVD-2016-3985
Malware in sbrugna...
Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM® SDK, Java™ Technology Edition are affected by multiple vulnerabilities (CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619)
Summary This covers all applicable Java SE CVEs published by Oracle as part of their October 2022 Critical Patch Update. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Lifecycle...
Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-28167
Summary A flaw in Eclipse OpenJ9 allows malicious code to access static methods and fields in classes before those classes have been initialized. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM...
Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Engineering Lifecycle Optimization - Publishing
Summary There is a Vulnerability in Apache Log4j CVE-2021-44228 which is used by "IBM Engineering Lifecycle Optimization - Publishing PUB" and "Rational Publishing Engine RPE." Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary...
Security Bulletin: Session cookie is missing secure attribute and affects IBM Publishing Engine
Summary There is a vulnerability in the session cookie which misses a secure attribute and affects IBM Publishing Engine Vulnerability Details CVEID: CVE-2020-4316 DESCRIPTION: IBM Publishing Engine does not set the secure attribute on authorization tokens or session cookies. Attackers may be abl...
Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Securi...
IBM Rational Publishing Engine Cross-Site Scripting Vulnerability (CNVD-2020-05095)
IBM Rational Publishing Engine is a set of document automation solutions from IBM. The program can generate Rational product documentation , but also supports the choice of other vendors to generate documentation for the application . A cross-site scripting vulnerability exists in IBM Rational...
CVE-2019-4431
IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2019-4431
IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Cross site scripting
IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2019-4431
IBM Rational Publishing Engine (RPE) versions 6.0.6 and 6.0.6.1 are affected by a cross-site scripting vulnerability in the Web UI, allowing attackers to inject arbitrary JavaScript and potentially disclose credentials in a trusted session. Root cause: Web UI XSS; impact as described in CVE-2019-...
CVE-2019-4431
IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Security Bulletin: Multiple vulnerabilities affect Rational Publishing Engine
Summary Multiple security vulnerabilities affecting Rational Publishing Engine. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in...
Security Bulletin: Security vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. These issues were disclosed as part of the IBM Java SDK updates in August 2019. Vulnerability Details CVEID: CVE-2019-2816 DESCRIPTION: Vulnerability in the Ja...
Security Bulletin: Security vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. These issues were disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability Details CVEID: CVE-2019-2602 DESCRIPTION: An unspecified...
Security Bulletin: Security vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. These issues were disclosed as part of the IBM Java SDK updates in January 2019. Vulnerability Details CVEID: CVE-2019-2422 DESCRIPTION: An unspecified...