Security Bulletin: Apache Log4j vulnerabilities impact z/Transaction Processing Facility (z/TPF) and TPF Operations Server (CVE-2021-45105, CVE-2021-45046)

Summary The Apache Log4j vulnerabilities affect the z/Transaction Processing Facility z/TPF system and TPF Operations Server. Several Java applications on the z/TPF system depend on Apache Log4j capabilities. Additionally, the 64-bit Java support in TPF Operations Server uses Apache Log4j...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component cou...

Euronet Worldwide: Speedy, Global Response to Threats Reduces Risk

After years of using manual processes and systems to manage its IT inventory and track vulnerabilities, racking up costs, and increasing the complexity of asset and vulnerability management, Euronet Worldwide needed a way to get a single, accurate and timely view of risk exposure at the group...

Other vulnerabilities exist in Ethermint

Due to the inconsistency between the storage cache cycle and the transaction processing cycle, storage changes caused by failed transactions are improperly retained in memory. Although dirty storage data is discarded at the EndBlock stage, it is still valid in the current block, which can lead to...

The vulnerability of the Transaction Processing sub-component of the Oracle FLEXCUBE Core Banking banking analytics system’s simulation model, Oracle Financial Services Applications. This vulnerability allows attackers to create, delete, or modify access rights to protected information, or gain read-only access to data. It can also cause partial service interruption.

The vulnerability of the Transaction Processing sub-component of the Oracle FLEXCUBE Core Banking banking analytics system, an imitation model of Oracle Financial Services Applications, is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious act...

DEBIAN-CVE-2017-5435

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVE-2017-5435

CVE-2017-5435 is a use-after-free in Firefox/Thunderbird during editor design-mode transaction processing, causing a potentially exploitable crash. Public details place affected products as Firefox/Firefox ESR and Thunderbird prior to certain fixed versions (e.g., Thunderbird < 52.1, Firefox E...

Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

UBUNTU-CVE-2017-5435

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

DDoS Attacks on Major US Banks Resurface

UPDATE — The group that claimed responsibility for large-scale distributed denial-of-service attacks against major U.S. banks in September and October has carried out another flurry of attacks that are still ongoing today. Izz ad-Din al-Qassam Cyber Fighters posted its latest threat on Pastebin,...

IBM Informix Dynamic Server oninit.exe EXPLAIN Stack Buffer Overflow (CVE-2010-4053)

Informix is a family of relational database management system RDBMS products by IBM. IBM Informix Dynamic Server is an online transaction processing data server. A stack buffer overflow exists in IBM Informix Dynamic Server Database. The vulnerability is caused by insufficient checks within a...

Informix Detection

The remote host is running Informix, an online transaction processing OLTP data server from IBM. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid22228; scriptversion"1.18";...