683 matches found
UBUNTU-CVE-2018-16083
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology
Summary: Multiple vulnerabilities in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC),...
CVE-2018-1766
IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session. IB...
Cross site scripting
IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session. IB...
CVE-2018-1766
IBM Team Concert (RTC) and Rational CLM are affected by a cross-site scripting (XSS) vulnerability in the Web UI for RTC versions 5.0–5.0.2 and 6.0–6.0.5 (6.0.6 iFix03 or later is the remediation). The underlying issue allows an attacker to embed arbitrary JavaScript, potentially altering functio...
Google Chrome Type Obfuscation Vulnerability (CNVD-2018-17044)
Google Chrome is a web browser developed by the American company Google. A type confusion vulnerability exists in WebRTC in Google Chrome. The vulnerability allows remote attackers to submit a special request to execute arbitrary code...
CVE-2018-1408
IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...
CVE-2018-1408
Summary: IBM Rational Team Concert (RTC) is vulnerable to cross-site scripting (XSS) in the Web UI. Affected versions are RTC 5.0–5.0.2 and 6.0–6.0.5 (and Rational Collaborative Lifecycle Management 5.0–6.0.5). The flaw lets an attacker embed arbitrary JavaScript in the Web UI, potentially leadin...
CVE-2018-1407
The CVE-2018-1407 entry applies to IBM Rational Team Concert (RTC) / Rational Collaborative Lifecycle Management versions: RTC 5.0–5.0.2 and 6.0–6.0.5. The vulnerability is a cross-site scripting (XSS) flaw in the Web UI that lets an attacker embed arbitrary JavaScript, potentially leading to cre...
CVE-2018-1521
IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...
Security Bulletin: Vulnerability in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology
Summary: There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 1.6 and 1.7 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational...
CVE-2017-1725
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and...
CVE-2017-1701
Summary: CVE-2017-1701 affects IBM Rational Team Concert / RTC (IBM Engineering Workflow Management) versions 5.0–6.0.5. The root cause is the use of a weak encryption algorithm to store user credentials, enabling an authenticated user to obtain highly sensitive information. Impact: credential le...
CVE-2017-1701
IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393...
openSUSE Security Update : libvirt (openSUSE-2018-358) (Spectre)
This update for libvirt and virt-manager fixes the following issues. Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' var2 (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...
CVE-2015-7449
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational...
CVE-2015-7449
CVE-2015-7449 affects IBM Jazz Foundation-based products (CLM, RRC, RDNG, RELM, RTC, RQM, Rhapsody DM, RSA DM, and related Jazz Team Server components). The root cause is the use of weaker than expected encryption, enabling local users to obtain sensitive information. Affected versions include CL...
CVE-2015-7471
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x...
CVE-2015-7453
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x...