Security Bulletin: IBM Master Data Management vulnerable to denial of service due to IBM WebSphere Application Server under certain configurations (CVE-2024-45085)

Summary IBM Master Data Management 11.6 is vulnerable to a denial of service from a specailly crafted request through IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted...

CVE-2024-48120

X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting XSS in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list...

CVE-2024-48120

X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting XSS in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list...

CVE-2024-48120

X2CRM v8.5 is affected by a stored XSS in the Opportunities module. The vulnerability allows an authenticated attacker to inject JavaScript via the Name field when creating a list, with the payload stored and later triggered. Evidence consistently references a stored XSS path in the Opportunities...

CVE-2024-48120

X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting XSS in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list...

Security Bulletin: Vulnerability identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2023-23477)

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-38712)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

Security Bulletin: Information disclosure vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2021-38900

Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a information disclosure attack, potentially revealing sensitive information to an administrator. Vulnerability Details CVEID: CVE-2021-38900 DESCRIPTION: IBM Business Process Manager 8.5 and 8.6 and IBM...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - July 2021 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2020-5016)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - October 2020 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM i Integrated Web Application Server version 8.5 is affected by vulnerabilities CVE-2016-0359 and CVE-2016-2923.

Summary IBM i Integrated Web Application Server version 8.5 is affected by the following vulnerabilities CVE-2016-0359 and CVE-2016-2923. Vulnerability Details CVEID: CVE-2016-0359 DESCRIPTION: IBM WebSphere Application Server is vulnerable to HTTP response splitting attacks. A remote attacker...

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4441 and CVE-2019-4505)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the following security bulletins...

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4442, CVE-2019-4271, CVE-2019-4268, CVE-2019-4270 and CVE-2019-4477)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the following security bulletins...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager (BPM), WebSphere Process Server (WPS) and WebSphere Lombardi Edition (WLE) (Java CPU April 2017)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the optional BPM component Process Federation Server. Information about...

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4046 and CVE-2019-4080)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Please consult Security Bulletin: Potenti...

Security Bulletin: Security vulnerabilities have been identified in IBM Java shipped with IBM Security Identity Manager

Summary IBM Security Identity Manager ISIM is affected through IBM WebSphere Application Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Multip...

Security Bulletin: Potential denial of service in WebSphere Application Server (CVE-2018-10237)

Summary There is a potential denial of service with the Google Guava library that is used in WebSphere Application Server. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArra...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2018-1926)

Summary IBM WebSphere Application Server is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin, Security Bulletin:...

NovaRad NovaPACS Diagnostics Viewer v8.5 OOB XXE File Disclosure

Summary NovaPACS revolutionary workflow infrastructure has been designed and developed using the expertise of radiology directors, technicians, PACS administrators for over 20 years. This wealth of imaging experience has lead to over 850 installations in more than 15 countries as well as key...