23 matches found
EUVD-2021-16373
Malware in sbrugna...
EUVD-2020-25911
Malware in sbrugna...
EUVD-2021-25305
Malware in sbrugna...
EUVD-2021-16264
Malware in sbrugna...
EUVD-2021-16273
Malware in sbrugna...
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM SDK, Java Technology Edition Quarterly CPU - Apr 2023 - Includes Oracle April 2023 CPU is vulnerable to (CVE-2023-2597)
Summary All appicable Java SE CVEs published by Oracle as part of their April 2023 Critical Patch Update, plus CVE-2023-2597. Following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Requirements Quality Assista...
Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises
Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilities due to which an attacker could exploit this vulnerability to execute arbitrary code on the system and cause the application to crash cause a denial of service condition on the system. This...
Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2021-22939, CVE-2021-22931, CVE-2020-7598)
Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilites CVE-2021-22939, CVE-2021-22931, CVE-2020-7598 which allowed a remote attacker to exploit this vulnerability to add or modify properties of Object.prototype, connect to servers using an expired...
CVE-2021-29790
IBM Engineering Requirements Quality Assistant On-Premises All versions is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2021-29799
IBM Engineering Requirements Quality Assistant On-Premises All versions could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738...
CVE-2021-29799
IBM Engineering Requirements Quality Assistant On-Premises All versions could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738...
CVE-2021-29799
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to CVE-2021-29799 due to improper client-side validation, allowing an authenticated user to obtain sensitive information ( Confidentiality impact: High; Integrity/Availability: None). The issue is documented a...
CVE-2021-29790
IBM Engineering Requirements Quality Assistant On-Premises All versions is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
IBM Engineering Requirements Quality Assistant 跨站脚本漏洞
IBM Engineering Requirements Quality Assistant is a Watson AI-based software from IBM to assist developers in improving the quality of engineering requirements. The application can significantly reduce the cost of finding defects and facilitate the early detection of requirements errors in the...
Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2022-0778, CVE-2021-38868, CVE-2021-29799, CVE-2021-29790, CVE-2021-29788)
Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilites including OpenSSL, cross-site scripting, cross-site request forgery CVE-2022-0778, CVE-2021-38868, CVE-2021-29799, CVE-2021-29790, CVE-2021-29788 which allowed an attacker or an unauthenticated...
Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2021-4104, CVE-2021-29469, CVE-2021-44531, CVE-2021-44531, CVE-2022-21824, CVE-2021-29899, CVE-2021-27290 )
Summary There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises. All issues listed below are fixed in RQA release 3.1.3 Vulnerability Details CVEID: CVE-2021-29899 DESCRIPTION: IBM Engineering Requirements Quality Assistant could allow an...
Security Bulletin: Multiple vulnerabilites affect Engineering Lifecycle Management and IBM Engineering products.
Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...
Security Bulletin: Security Vulnerabilities in IBM® Java SDK July 2021 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition from July 2021 CPU that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS...
Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.
Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...
IBM Engineering Requirements Quality Assistant Cross-Site Scripting Vulnerability (CNVD-2021-14752)
IBM Engineering Requirements Quality Assistant is a Watson AI based software from IBM USA used to assist developers in improving the quality of engineering requirements. A cross-site scripting vulnerability exists in IBM Engineering Requirements Quality Assistant. An attacker can exploit the...