Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-53905 DESCRIPTION: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow...

EUVD-2013-0407

Malware in sbrugna...

EUVD-2021-22997

Malware in sbrugna...

CVE-2022-44820

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/managetransaction=...

CVE-2021-36381

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logonerror= on the login screen of the Web application...

CVE-2019-0384

Transaction Management in SAP Treasury and Risk Management corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 does not perform necessary authorization checks for functionalities that require user identity...

IBM TXSeries for Multiplatforms Cross-Site Request Forgery Vulnerability

IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A cross-site request forgery vulnerability exists in IBM TXSeries for Multiplatforms,...

CVE-2023-49957

An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP Open Charge Point Protocol for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing...

CVE-2023-49957

An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP Open Charge Point Protocol for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing...

Open redirect

An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP Open Charge Point Protocol for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing...

CVE-2023-49957

An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP Open Charge Point Protocol for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing...

CVE-2023-49957

CVE-2023-49957 affects Dalmann OCPP.Core prior to 1.3.0. The issue allows multiple transactions using the same connectorId and idTag, violating ConcurrentTx expectations and potentially causing billing/transaction management errors. Affected software: Dalmann OCPP.Core (

Badminton Center Management System SQL注入漏洞（CNVD-2022-44731）

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records. Badminton Center Management System version v1.0 is vulnerable to S...

CVE-2021-36381

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logonerror= on the login screen of the Web application...

CVE-2021-36381

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logonerror= on the login screen of the Web application...

Code injection

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logonerror= on the login screen of the Web application...

CVE-2021-36381

Edifecs Transaction Management is affected by CVE-2021-36381: an unauthenticated attacker can inject arbitrary text into a user’s browser via logon.jsp?logon_error= on the login screen. The vulnerability stems from insufficient input validation on that parameter (per CNNVD-202107-646), enabling i...

CVE-2021-36381

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logonerror= on the login screen of the Web application...

Edifecs Transaction Management 注入漏洞

Edifecs Transaction Management is a solution from Edifecs, Inc. that correlates clinical and administrative data, provides real-time visibility into transactions, and enables self-service capabilities for business and technical teams. An injection vulnerability exists in Edifecs Transaction...

CVE-2020-6204

CVE-2020-6204 affects SAP Treasury and Risk Management (Transaction Management) in EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104. The root cause is a selection/query that returns more records than expected when displaying the contract numbe...