645 matches found
ionCube Tester Plus <= 1.3 - Local File Inclusion
The ionCube Tester Plus plugin for WordPress versions = 1.3 is vulnerable to unauthenticated arbitrary file read via path traversal. The 'ininame' parameter in loader-wizard.php is not properly sanitized, allowing attackers to read sensitive files such as wp-config.php and /etc/passwd without...
Security Bulletin: A runtime-7.23.5.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in runtime-7.23.5.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using...
Security Bulletin: A nimbus-jose-jwt-9.37.3.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in nimbus-jose-jwt-9.37.3.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before...
Security Bulletin: A json-path-2.6.0.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in json-path-2.6.0.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path v2.8.0 was discovered to contain a stack overflow via the...
Security Bulletin: A commons-lang3-3.12.0.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in commons-lang3-3.12.0.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issu...
Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affects IBM Rational Functional Tester / DevOps Test UI
Summary There are vulnerabilities in Eclipse Jetty used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote...
Security Bulletin: A logback-core-1.5.18.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in logback-core-1.5.18.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.C...
Security Bulletin: A logback-core-1.5.18.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in logback-core-1.5.18.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-cor...
Security Bulletin: A react-router-6.25.1.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in react-router-6.25.1.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 through 6.30.1 an...
Security Bulletin: A netty-codec-http-4.1.118.Final.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in netty-codec-http-4.1.118.Final.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application...
Security Bulletin: A js-yaml-4.1.0.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in js-yaml-4.1.0.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and...
Security Bulletin: A vite-7.1.5.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in vite-7.1.5.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-62522 DESCRIPTION: Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to...
Malicious code in gt-tester-exp-profiler-exp-00000017 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1490f970bd52c80c89f33029f9e875f1fb595014621d50e0ce87a167d1cd348 setup.py installs a site-wide.pth file gttesterexpprofilerexp00000017probe.pth into site-packages that imports the package's probe module and calls...
Malicious code in @aledan007/tester (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab03e3eef2f59f358cdaacedf2d9facb12077110c5402ad36aad6e3581e66439 The bundled server file dist/server/index.js contains a hardcoded reference to the attacker-controlled domain https://evil.attacker-example.com...
Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of netty-codec-http
Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain potential HTTP Request Smuggling and Uncontrolled Resource Consumption vulnerabilities. Vulnerability Details CVEID:CVE-2026-42580 DESCRIPTION: Netty is an asynchronous, event-driven network...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-handler-proxy
Summary Due to use of netty-handler-proxy, DevOps Test Performance and Rational Performance Tester contain a potential header injection vulnerability. Vulnerability Details CVEID:CVE-2026-42578 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Fina...
Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of Eclipse Jetty
Summary Due to use of Eclipse Jetty, DevOps Test Performance and Rational Performance Tester contain potential input validation, information exposure, integer overflow, memory allocation, HTTP parsing, and URI authority validation vulnerabilities. Vulnerability Details CVEID:CVE-2022-2047...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-codec-http
Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain a potential CRLF injection vulnerability. Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or...
OESA-2026-2099 fio security update
fio is a tool used to spawn many threads or processes that perform a specific type of io operation specified by the user.It accepts many global parameters inherited by threads.Its common method is to simulate jobs that match the specified io load. Security Fixes: A NULL pointer dereference...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of AsyncHttpClient
Summary Due to use of AsyncHttpClient, DevOps Test Performance and Rational Performance Tester contain a potential vulnerability where Authorization/Proxy-Authorization headers are improperly leaked. Vulnerability Details CVEID:CVE-2026-40490 DESCRIPTION: The AsyncHttpClient AHC library allows Ja...