Linux Distros Unpatched Vulnerability : CVE-2023-53138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN:...

Linux Distros Unpatched Vulnerability : CVE-2025-47917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function...

How to create a Rewrite policy that will change characters in URL to lowercase

How to create a Rewrite policy that will change characters in URL to lowercase...

CVE-2022-1196

After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8 and Firefox ESR 91.8...

CVE-2022-3559

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this...

SUSE-SU-2022:3597-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c bsc1203438...

Security Bulletin: A security vulnerability has been identified in WebSphere Liberty Profile and WebSphere Application Server shipped with License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed

Summary WebSphere Liberty Profile which is a base component of IBM License Metric Tool v9 & and IBM Endpoint Manager for Software Use Analysis v9 and WebSphere Application Server which is a base component of IBM License Metric Tool v7.5 and IBM Tivoli Asset Discovery for Distributed v7.5 are...

Security Bulletin: IBM License Metric Tool v9 and IBM Endpoint Manager for Software Use Analysis v2.2 and v9 are vulnerable to Padding Oracle On Downgraded Legacy Encryption (POODLE) attack on SSLv3 connections (CVE-2014-3566)

Summary SSLv3 protocol used to secure a number of connection paths in IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis is vulnerable to POODLE attack. This attack enables a man-in-the-middle attacker to decrypt and intercept communications, including user-server and...

Security Bulletin: Vulnerability in RubyGems rest-client affects IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis (CVE-2015-1820)

Summary RubyGems rest-client component vulnerability allows for hijacking user session. Vulnerability Details CVE-ID: CVE-2015-1820 Description: RubyGems rest-client could allow a remote attacker to hijack a valid user''s session, caused by Set-Cookie headers being present in an HTTP 30x...

Security Bulletin: A security vulnerability has been identified in BigFix Platform shipped with IBM Endpoint Manager for Software Use Analysis v2.2 (CVE-2016-6084)

Summary BigFix Platform BES Root Server and BES Relay is shipped as a component of IBM Endpoint Manager for Software Use Analysis v2.2. Information about a security vulnerability affecting BigFix Platform has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-6084...

CVE-2021-30611

Chromium: CVE-2021-30611 Use after free in WebRTC...

Security Bulletin: Vulnerability in InstallAnywhere affects IBM License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed (CVE-2016-2542)

Summary A vulnerability in InstallAnywhere on Windows systems affects IBM License Metric Tool v7.5 & v7.2.2, IBM Endpoint Manager for Software Use Analysis v2.2 and IBM Tivoli Asset Discovery for Distributed v7.5 & v7.2.2. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera...

CVE-2020-1752

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...

CVE-2019-9796

A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leav...

Vulnerabilities in IBM License Metric Tool and Endpoint Manager for Software Use Analysis

IBM License Metric Tool and Endpoint Manager for Software Use Analysis are both products of IBM Corporation. The former is a set of free tools to help IBM Passport Advantage software upgrades and support services customers to determine their processor value unit PVU licensing requirements; the...

CVE-2015-4929

IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request...

CVE-2015-4929

IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request...

CVE-2015-4929

CVE-2015-4929 affects IBM License Metric Tool v9 (and IBM Endpoint Manager for Software Use Analysis v9) where the REST API mishandles requests, allowing a remote authenticated attacker to bypass access restrictions and extract sensitive information. IBM’s security bulletin identifies the root ca...

Multiple IBM Product Denial of Service Vulnerabilities (CNVD-2015-03496)

IBM manufactures and sells computer hardware and software, and provides consulting services for systems architecture and web hosting. Common Inventory Technology CIT versions prior to 2.7.0.2050 are used in IBM License Metric Tool versions 7.2.2, 7.5 and 9, Endpoint Manger for Software Use Analys...

Multiple IBM Product Denial of Service Vulnerabilities (CNVD-2015-03487)

IBM manufactures and sells computer hardware and software, and provides consulting services for systems architecture and web hosting. Common Inventory Technology CIT versions prior to 2.7.0.2050 are used in IBM License Metric Tool versions 7.2.2, 7.5 and 9, Endpoint Manger for Software Use Analys...