590 matches found
Security Bulletin: CVE-2021-28165 In Eclipse Jetty CPU usage can reach 100% upon receiving a large invalid TLS frame.
Summary CVE-2021-28165 In Eclipse Jetty CPU usage can reach 100% upon receiving a large invalid TLS frame. Vulnerability Details CVEID: CVE-2021-28165 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by improper input valistion. By sending a specially-crafted TLS frame, a...
Security Bulletin: CVE-2021-27568 An issue was discovered in netplex json-smart-v1, an exception is thrown from a function
Summary CVE-2021-27568 An issue was discovered in netplex json-smart-v1, an exception is thrown from a function, may cause programs to crash or expose sensitive info Vulnerability Details CVEID: CVE-2021-27568 DESCRIPTION: Netplex json-smart-v1 and json-smart-v2 are vulnerable to a denial of...
IBM UrbanCode Deploy has an unspecified vulnerability
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications in...
CVE-2021-29711
IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...
Code injection
IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...
CVE-2021-29711
CVE-2021-29711 affects IBM UrbanCode Deploy (UCD) versions including 6.2.7.3/4/8/9, 7.0.3.0/4.0/5.4, 7.1.0.0/1.0/1.1/1.2, and 7.1.1.x. The IBM security bulletin notes that an authenticated user with certain permissions could initiate an agent upgrade through the CLI interface, due to inconsistent...
CVE-2021-29711
IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...
IBM UrbanCode Deploy 安全漏洞
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications in...
Security Bulletin: IBM UrbanCode Deploy (UCD) stores keystore passwords in plain after a manuel edit, which can be read by a local user.
Summary IBM UrbanCode Deploy UCD leaves a keystore passwords in plain text after a manual edit, which may be read by a local user. Vulnerability Details CVEID: CVE-2020-4944 DESCRIPTION: IBM UrbanCode Deploy UCD stores keystore passwords in plain in plain text after a manuel edit, which can be re...
Security Bulletin: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating
Summary XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. Vulnerability Details Refer t...
IBM UrbanCode Deploy elevation of privilege vulnerability (CNVD-2021-26382)
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24460)
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24459)
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
CVE-2020-4944
IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...
CVE-2020-4848
IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...
CVE-2020-4944
IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...
CVE-2020-4884
IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...
CVE-2020-4848
IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...
CVE-2020-4884
IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...
Code injection
IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...