Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable

Summary Security vulnerability in FileNet Content Manager FNCM FileNet Content Search Services CSS ThoughtWorks XStream, affected, not vulnerable. Vulnerability Details CVEID:CVE-2022-41966 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By...

Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable

Summary Security vulnerability in FileNet Content Manager FNCM FileNet Content Search Services CSS ThoughtWorks XStream, affected, not vulnerable. Vulnerability Details CVEID:CVE-2022-40151 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By...

Security Bulletin: Apache Tika security vulnerabilities found during Open Source Scan in IBM Content Collector for email in Content Search Services (affected, not vulnerable)

Summary Apache Tika security vulnerabilities found during Open Source Scan in IBM Content Collector for email in Content Search Services in Apache Tika v1.28.2 and prior Vulnerability Details CVEID:CVE-2022-30126 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by a regular...

Security Bulletin: junrar Denial of Service (DoS) security vulnerability in IBM FileNet Content Manager Content Search Services (CSS)

Summary junrar Denial of Service DoS security vulnerability in IBM FileNet Content Manager Content Search Services CSS. Junrar before v1.0.1 is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. Vulnerability Details CVEID: CVE-2018-12418...

Security Bulletin: junrar v7.4.0 and prior Denial of Service (DoS) security vulnerability in IBM FileNet Content Manager Content Search Services (CSS)

Summary junrar v7.4.0 and prior Denial of Service DoS security vulnerability in IBM FileNet Content Manager Content Search Services CSS. A carefully crafted RAR archive can trigger an infinite loop while parsing the file. This could be used to mount a denial of service attack against services tha...

New Study Warns of Security Threats Linked to Recycled Phone Numbers

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online...

How Internet Savvy are Your Leaders?

Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn't pay a bill for some kind of dubious-looking service I'd never heard of. But it wasn't until the past week that it become clear ho...

CVE-2018-8529

A remote code execution vulnerability exists when Team Foundation Server TFS does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team...

CVE-2018-8529

A remote code execution vulnerability exists when Team Foundation Server TFS does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team...

Remote code execution

A remote code execution vulnerability exists when Team Foundation Server TFS does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team...

CVE-2018-8529

A remote code execution vulnerability exists when Team Foundation Server TFS does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team...

CVE-2018-8529

A remote code execution vulnerability exists when Team Foundation Server TFS does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team...

CVE-2018-8529

CVE-2018-8529 : A remote code execution vulnerability exists in Team Foundation Server (TFS) where basic authorization is not enabled on the communication between TFS and the Search services. The underlying issue allows an attacker to execute commands on the Search service. Microsoft’s security u...

Microsoft Team Foundation Server Code Execution Vulnerability

Microsoft Team Foundation Server is a source code management, project management and team collaboration platform within the Application Lifecycle Management ALM suite of tools from Microsoft. The platform helps teams collaborate more flexibly and effectively and deliver high-quality software more...

Security Bulletin: IBM Content Collector affected by information disclosure vulnerability (CVE-2015-0146)

Summary IBM Content Collector for Email could allow a local attacker to obtain sensitive information, caused by improper handling of a search query. This error occurs only for searches on IBM FileNet P8 systems that are configured with IBM Content Search Services. Vulnerability Details CVEID:...

Security Bulletin: IBM FileNet Content Manager and IBM Content Foundation – Oracle Outside In Technology security vulnerabilities (CVE-2013-5791, CVE-2013-5763)

Summary Outside In Technology Security vulnerabilities Vulnerability Details The following security vulnerabilities exist in the Oracle Outside In Technology OIT software shipped with IBM FileNet Content Manager 5.1.0 and 5.2.x, and IBM Content Foundation 5.2.0. CVEID: CVE-2013-5791 CVSS Base...

IBM Content Collector for Email Information Disclosure Vulnerability

IBM Content Collector for Email is an email archiving solution for regulatory, compliance and IT management from IBM USA. The solution supports customized policies for collecting and archiving messages, managing legal evidence retention and record retention on the same system, and more. A securit...

CVE-2015-0146

IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended...

CVE-2015-0146

IBM Content Collector for Email (3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001) is affected by an information-disclosure vulnerability due to improper handling of an unspecified query operator when searching IBM FileNet P8 systems via IBM Content Search Servi...