EUVD-2026-32274

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

CVE-2026-3366

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

CVE-2026-3366 InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

CVE-2026-3366 InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

CVE-2026-3366

CVE-2026-3366 affects IBM InfoSphere Optim Test Data Fabrication versions 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, and 1.0.2.7. The root cause is a path traversal vulnerability leading to an arbitrary file read when a remote attacker sends a crafted URL contain...

PT-2026-43698

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

IBM InfoSphere Optim Test Data Fabrication 路径遍历漏洞

IBM InfoSphere Optim Test Data Fabrication is a test data generation and management platform developed by the American company International Business Machines IBM. Versions 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, and 1.0.2.7 of this platform have a path...

Security Bulletin: InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read (CVE-2026-3366)

Summary InfoSphere Optim Test Data Fabrication Resource Manager is affected by Arbitrary File Read via Path Traversal CVE-2026-3366. Vulnerability Details CVEID:CVE-2026-3366 DESCRIPTION: IBM InfoSphere Optim Test Data Fabrication could allow a remote attacker to traverse directories on the syste...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix use-after-free issue in ethskbpkttype KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed skb's data that didn't contain an Ethernet header. This occur...

K2view vs Broadcom For Test Data Management

Compare Broadcom TDM and K2view across architecture, integration, masking, and scalability to find the right test data management solution for your needs...

dev.dsf:dsf-fhir-server-jetty (>=1.0.0 <=1.9.0), dev.dsf:dsf-tools-test-data-generator (>=1.0.0 <=1.9.0) potentially affected by CVE-2026-40939 via dev.dsf:dsf-fhir-server (>=1.0.0-M1 <=1.9.0)

dev.dsf:dsf-fhir-server MAVEN version =1.0.0-M1, =1.0.0, =1.0.0, =1.9.0 Source cves: CVE-2026-40939 Source advisory: SNYK:JAVA-DEVDSF-16540567...

dev.dsf:dsf-fhir-server-jetty (>=1.0.0 <=1.9.0), dev.dsf:dsf-tools-test-data-generator (>=1.0.0 <=1.9.0) potentially affected by CVE-2026-40939 via dev.dsf:dsf-fhir-server (>=1.0.0-M1 <=1.9.0)

dev.dsf:dsf-fhir-server MAVEN version =1.0.0-M1, =1.0.0, =1.0.0, =1.9.0 Source cves: CVE-2026-40939 Source advisory: OSV:GHSA-GJ7P-595X-QWF5...

au.csiro.pathling:encoders (>=6.2.2 <=9.5.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +246 more potentially affected by CVE-2026-34360 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.0.0 <=6.9.3)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.8.1 and more Source cves: CVE-2026-34360 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15855324...

au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +322 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4 (>=0.0.1 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.r4 MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +353 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

EUVD-2026-12520

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

CVE-2026-29522

CVE-2026-29522 affects ZwickRoell Test Data Management prior to version 3.0.8. A local file inclusion (LFI) vulnerability exists in /server/node_upgrade_srv.js that allows an unauthenticated attacker to supply directory traversal sequences via the firmware parameter to access arbitrary server fil...

CVE-2026-29522

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

CVE-2026-29522 ZwickRoell Test Data Management < 3.0.8 Path Traversal LFI

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

PT-2026-25816

Name of the Vulnerable Software and Affected Versions ZwickRoell Test Data Management versions prior to 3.0.8 Description The software contains a local file inclusion issue in the /server/node upgrade srv.js endpoint. An attacker can provide directory traversal sequences through the firmware...