296 matches found
EUVD-2014-6015
Malware in sbrugna...
EUVD-2017-10637
Malware in sbrugna...
EUVD-2018-12101
Malware in sbrugna...
Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM® SDK, Java™ Technology Edition are affected by multiple vulnerabilities (CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619)
Summary This covers all applicable Java SE CVEs published by Oracle as part of their October 2022 Critical Patch Update. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Lifecycle...
Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-28167
Summary A flaw in Eclipse OpenJ9 allows malicious code to access static methods and fields in classes before those classes have been initialized. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM...
GHSA-J8XR-2279-88QJ Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to provide crafted API responses from Rational Quality Manager to have Jenkins parse a crafted XML document that uses external entities for extraction of...
Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to provide crafted API responses from Rational Quality Manager to have Jenkins parse a crafted XML document that uses external entities for extraction of...
Security Bulletin: Vulnerabilities (CVE-2021-39038, CVE-2021-23450) in IBM WebSphere Application Server may impact IBM Engineering Lifecycle Management (ELM) products based on IBM Jazz technology
Summary IBM Engineering Lifecycle Management ELM products based on IBM Jazz technology may integrate with IBM WebSphere Application Server WAS. Please review the following WAS Bulletins CVE-2021-39038, CVE-2021-23450 and take corrective actions. Vulnerability Details Refer to the security bulleti...
Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology
Summary There are multiple vulnerabilities in the IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQM,...
Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology
Summary There are multiple vulnerabilities in the IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQM,...
Security Bulletin: A security vulnerability for cross-site scripting affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-2986)
Summary This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle...
Security Bulletin: Potential Information Disclosure vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-5986)
Summary Potential Information Disclosure vulnerability in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational...
Security Bulletin: Vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-2947)
Summary An undisclosed information disclosure vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational...
Security Bulletin: Security vulnerability in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology
Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerability that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...
Security Bulletin: Cross-site scripting vulnerability in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology
Summary Potential cross-site scripting vulnerability in the IBM Jazz Team Server affects the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manag...
Security Bulletin: Vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-8934)
Summary Cross-site scripting vulnerability in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concer...
Security Bulletin: Information disclosure vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-9735)
Summary Information disclosure vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager...
Security Bulletin: XXE Vulnerability in IBM Jazz Foundation affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0112)
Summary An XML External Entity Injection vulnerability affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert...
Security Bulletin: Clickjack vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-1928)
Summary A vulnerability in the IBM Jazz Foundation affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC...
Security Bulletin: Cross-site scripting vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-8968)
Summary Cross-site scripting vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQ...