25 matches found
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36645
The CVE-2023-36645 entry concerns ITB-GmbH TradePro v9.5 with a SQL injection via the oordershow component in the customer function. Connected PT-2024-12574 details show the root cause as an access-control weakness allowing remote exploitation to execute SQL queries. Affects ITB-GmbH TradePro 9.5...
CVE-2023-36645
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function...
CVE-2023-36644
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin...
CVE-2023-34798
An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...
Security Bulletin: DB2 Escalation of Privilege Vulnerability (CVE-2011-4061)
Abstract The IBM Tivoli Monitoring Agent shipped with IBM DB2 V9.5 and V9.7 products contains an escalation of privilege vulnerability. Content VULNERABILITY DETAILS CVE ID: CVE-2011-4061 DESCRIPTION: The IBM DB2 products listed below bundle IBM Tivoli Monitoring Agent (ITMA), provided for users of...
CVE-2021-21513
Dell EMC OpenManage Server Administrator (OMSA) 9.5 on Windows with Distributed Web Server (DWS) enabled contains an authentication bypass vulnerability that could allow a remote unauthenticated attacker to gain administrator access. Root cause details are not provided beyond the bypass descripti...
Authentication flaw
HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
CVE-2020-14245
CVE-2020-14245 affects HCL OneTest UI (versions 9.5, 10.0, 10.1) and is described as not performing authentication for functionality that requires a provable user identity or that can consume significant resources. The CVE is cited with a high-severity network-access risk (NVD CVSSv2: 7.5, partia...
ICONICS GENESIS64, GENESIS32
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely Vendor: ICONICS Equipment: GENESIS64, GENESIS32 Vulnerabilities: Out-of-Bounds Write, Deserialization of Untrusted Data, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code...
Security Bulletin: IBM Security Guardium has released patch in response to the vulnerabilities known as Spectre and Meltdown
Summary IBM has released the following patch for IBM Security Guardium in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754 Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5715 CVEID: CVE-2017-5754 Affected Products and Versions IBM Security Guardium V8.2 IBM Security Guardium...
Security Bulletin: OS Command Injection vulnerability affects IBM Security Guardium (CVE-2017-1253)
Summary IBM Security Guardium could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2017-1253 DESCRIPTION: IBM Security Guardium could allow a remote authenticated attacker to...
Security Bulletin: Privilege escalation vulnerability affects IBM Security Guardium (CVE-2017-1122)
Summary IBM Security Guardium contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM Security Guardium has addressed this issue Vulnerability Details CVEID: CVE-2017-1122 DESCRIPTION: IBM Security Guardium...
Security Bulletin: IBM Security Guardium is affected by Linux kernel privesc: Dirty COW vulnerability (CVE-2016-5195)
Summary Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a race condition when handling the copy-on-write (COW) breakage of private read-only memory mappings by the memory subsystem. IBM Security Guardium has provided a fix for this vulnerability...
Security Bulletin: OpenSource Oracle MySQL Vulnerability affects IBM Security Guardium (CVE-2016-2047)
Summary Oracle MySQL, MariaDB and Percona Server could allow a remote attacker to bypass security restrictions. IBM Security Guardium has addressed the applicable CVE Vulnerability Details CVEID: CVE-2016-2047 DESCRIPTION: Oracle MySQL, MariaDB and Percona Server could allow a remote attacker to...
Security Bulletin: A security vulnerability has been identified in WebSphere v6.1 and v7.x shipped with InfoSphere Warehouse v9.5, V9.7, V10.1, and v10.5 (CVE-2014-0114)
Summary WebSphere v6.1 and WebSphere v7.x are shipped as a component of InfoSphere Warehouse v9.5, V9.7, V10.1, and v10.5. Information about a security vulnerability affecting WebSphere v6.1 and WebSphere v7.x has been published in a security bulletin. Vulnerability Details Please consult the...
Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Dynamic Process Edition (CVE-2013-6747, CVE-2014-0963)
Summary IBM DB2 is shipped as a component of WebSphere Dynamic Process Edition. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. Vulnerability Details Consult the IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities security...