12 matches found
CVE-2026-3660
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the application...
CVE-2026-3660 IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Authentication Bypass
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the application...
PT-2026-43375
Name of the Vulnerable Software and Affected Versions IBM Engineering Lifecycle Management versions 7.0.3 through Interim Fix 021 IBM Engineering Lifecycle Management versions 7.1.0 through Interim Fix 009 IBM Engineering Lifecycle Management versions 7.2.0 through Interim Fix 001 Description An...
EUVD-2007-1912
Malware in sbrugna...
CVE-2025-36157
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions...
CVE-2025-36157
IBM Engineering Lifecycle Management’s Jazz Foundation component is affected by CVE-2025-36157 in versions 7.0.2 (iFix035), 7.0.3 (iFix018), and 7.1.0 (iFix004). The issue arises from the ability of an unauthenticated remote attacker to update server property files, enabling unauthorized actions ...
XenMobile OnPremise: Push Required apps in XenMobile by enabling the server property
Push Required apps in XenMobile by enabling the server property. Note: This article refers to XenMobile MDM OnPremise instance only...
VulnCheck KEV: CVE-2007-3148
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method...
VulnCheck KEV: CVE-2007-3147
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information...
CVE-2008-1617
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 iManFile.cab, as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null...
CVE-2008-1617
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 iManFile.cab, as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null...
Buffer overflow
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method...