CVE-2025-23607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Camoo Sarl CAMOO SMS camoo-sms allows Reflected XSS.This issue affects CAMOO SMS: from n/a through = 3.0.1...

Security Bulletin: Vulnerability in QOS.ch Sarl Logback affects watsonx.data

Summary A serialization vulnerability in logback receiver component part of QOS.ch Sarl Logback allows an attacker to mount a Denial-Of-Service attack on watsonx.data by sending poisoned data. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback...

Security Bulletin: Vulnerability in QOS.ch Sarl Logback affects watsonx.data

Summary A serialization vulnerability in logback receiver component part of QOS.ch Sarl Logback allows an attacker to mount a Denial-Of-Service attack to watsonx.data by sending poisoned data. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of...

Security Bulletin: Multiple Vulnerabilities in IBM Operations Analytics Predictive Insights.

Summary Multiple vulnerabilities were addressed in IBM Operations Analytics Predictive Insights 1.3.6 iFix 8 Vulnerability Details CVEID:CVE-2022-46337 DESCRIPTION: Apache Derby could allow a remote attacker to bypass security restrictions, caused by a LDAP injection vulnerability in authenticato...

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. QOS.ch Sarl Logback is vulnerable to a denial of service CVE-2023-6481, CVE-2023-6378. The Bouncy Castle Crypto Package For Java...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF030 and 23.0.2-IF002. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in QOS.ch Sarl Logback

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of QOS.ch Sarl Logback Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to QOS.ch Sarl Logback denial of service vulnerability ( CVE-2023-6378)

Summary Potential QOS.ch Sarl Logback denial of service vulnerability CVE-2023-6378 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-6378...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.14.3 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.14.3 IF001 Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted...

Security Bulletin: IBM Automation Decision Services January 2024 - Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is...

Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana build 265. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially crafted SpEL expression, a remote attacker could exploit...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in QOS.ch Sarl Logback

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of QOS.ch Sarl Logback. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the receiver component. By...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in QOS.ch Sarl Logback

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of QOS.ch Sarl Logback. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the receiver component. By...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2023.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF028 and 23.0.1-IF006. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By...

CVE-2022-43480

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Vulnerability

Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...

GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure

Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Date: 11 Jun 2022 Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...

B-swiss 3 Digital Signage System 3.6.5 Cross Site Request Forgery

!-- B-swiss 3 Digital Signage System 3.6.5 CSRF Add Maintenance Admin Vendor: B-Swiss SARL | b-tween Sarl Product web page: https://www.b-swiss.com Affected version: 3.6.5 3.6.2 3.6.1 3.6.0 3.5.80 3.5.40 3.5.20 3.5.00 3.2.00 3.1.00 Summary: Intelligent digital signage made easy. To go beyond the...

B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution

Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...

B-swiss 3 Digital Signage System 3.6.5 Database Disclosure

Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...