24 matches found
EUVD-2014-7992
Malware in sbrugna...
Cisco Secure Email and Web Manager (SMA) HTTP Response Header Injection (cisco-sa-ESA-HTTP-Inject-nvsycUmR)
According to its self-reported version, Cisco Secure Email and Web Manager SMA is affected by a vulnerability due to a failure to sanitize input values. An unauthenticated, remote attacker can exploit this, by injecting malicious HTTP headers, in order to conduct an HTTP response splitting attack...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...
Security Bulletin: Potential vulnerability in IBM HTTP Server (CVE-2016-8743)
Summary There is a potential response splitting attack vulnerability in IBM HTTP Server. The fix for CVE-2016-8743 supercedes CVE-2016-4975. Vulnerability Details CVEID: CVE-2016-8743 DESCRIPTION: Apache HTTPD is vulnerable to HTTP response splitting attacks, caused by improper validation of...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server that is shipped with IBM Predictive Customer Intelligence (CVE-2015-2017)
Summary WebSphere Application Server is shipped as a component of Predictive Customer Intelligence. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin HTTP response...
JVN#32155106: Multiple vulnerabilities in i-FILTER
i-FILTER provided by Digital Arts Inc. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2018-16180 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3 HTTP...
Security Bulletin: Multiple security vulnerabilities has been identified in Websphere Application Server embedded in Tivoli Integrated Portal shipped with Tivoli Network Manager IP Edition (CVE-2015-7450) (CVE-2015-2017)
Summary IBM WebSphere Application Server is embedded in Tivoli Integrated Portal shipped as a component of Tivoli Network Manager IP Edition 3.8, 3.9, 4.1, 4.1.1 and 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulleti...
Security Bulletin: Multiple security vulnerabilities has been identified in Websphere Application Server shipped with Jazz for Service Management (CVE-2015-7450) (CVE-2015-2017)
Summary Websphere Application Server is shipped as a component of Jazz for Service Management. Information about the security vulnerabilities affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the below security bulletins Securit...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Netcool Service Quality Manager (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of Tivoli Netcool Service Quality Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...
Security Bulletin: Vulnerability in IBM WebSphere Application Server affects Tivoli Netcool Impact (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of Tivoli Netcool/Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulleti...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearQuest (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP response...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP response splitting...
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with WebSphere Business Compass (CVE-2015-7450)
Summary IBM WebSphere Application Server is shipped as a component of WebSphere Business Compass. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP response splittin...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Enterprise Service Bus Registry Edition (CVE-2015-2017)
Summary WebSphere Application Server is shipped as a component of WebSphere Enterprise Service Bus Registry Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security...
Important: Red Hat Security Advisory: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update
An update for rh-nodejs4-nodejs and rh-nodejs4-http-parser is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
IBM WebSphere Application Server HTTP Response Vulnerability
IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. There is a security vulnerability in IBM WAS. A remote...
JVN#45928828: H2O vulnerable to HTTP header injection
H2O is an open source web server software. H2O contains an HTTP header injection vulnerability. Impact An HTTP response splitting attack may result in arbitrary cookie values. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...
CentOS Update for perl CESA-2011:1797 centos4 x86_64
Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for perl CESA-2011:1797 centos5 i386
Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...