11 matches found
Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server
Summary: IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions: Affected...
CVE-2025-42978
The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound...
CVE-2023-50178
An improper certificate validation vulnerability CWE-295 in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication...
Weak password vulnerability in the oter4 management system
Because of the characteristics of the Alibaba B2B company's business, sellers are mainly concentrated in the country and buyers are mainly concentrated in foreign countries, which gave rise to the demand for remote server rooms in Hangzhou and the United States of America, and at the same time in order...
phpList <= 2.6.3 Multiple Vulnerabilities
According to its banner, the version of phpList installed on the remote host is prone to arbitrary command execution as well as information disclosure vulnerabilities. (C) Tenable Network Security, Inc. ...
aspWebAlbum album.asp SQL Injection
The remote host appears to be running aspWebAlbum, an ASP script designed to facilitate the integration of multiple photo albums in a web-based application. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain...
DSA-447 hsftp - format string
Bulletin has no description...
SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure
The CGI 'sgdynamo.exe' can be tricked into giving the physical path to the remote web root. This information may be useful to an attacker who can use it to launch more effective attacks against the remote server. This script written by Scott Shebby 12/2003 See the Nessus Scrip...
php-proxima autohtml.php Arbitrary File Retrieval
The remote host is running php-proxima, a website portal. There is a flaw in this version that allows an attacker to read arbitrary files on the remote host. (C) Tenable Network Security, Inc. Ref: From: "Mind Warper" To: [email protected] Date: Thu, 15 May 2003 01:43:40...
smb2www Unspecified Arbitrary Remote Command Execution
The remote host is running smb2www - a SMB to WWW gateway. There is a flaw in the version of this CGI which allows anyone to execute arbitrary commands on this host by sending a malformed argument to smbshr.pl, one of the components of this solution. (C) Tenable Network Security...
WWWBoard passwd.txt Authentication Credential Disclosure
The remote host is running WWWBoard, a bulletin board system written by Matt Wright. This board system comes with a password file passwd.txt installed next to the file 'wwwboard.html'. An attacker may obtain the contents of this file and decode the password to modify the remote www board...