Security Bulletin: IBM Event Streams is vulnerable to Weak Encryption (CVE-2025-45767)

Summary IBM Event Streams is vulnerable to weak encryption due to the JOSE library. JOSE is used for JSON Object Signing and Encryption in token-based authentication. Vulnerability Details CVEID:CVE-2025-45767 DESCRIPTION: jose v6.0.10 was discovered to contain weak encryption. NOTE: this is...

CVE-2019-13001

An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass...

PT-2022-5235 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 11.1.3 and earlier Adobe Bridge versions 12.0.2 and earlier Description: The issue is related to a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this...

Oracle FLEXCUBE Direct Banking Information Disclosure Vulnerability

Oracle FLEXCUBE Direct Banking enables banks to deliver a tailored, portal-based, rich online customer experience based on demographics and market segments. An information disclosure vulnerability exists in the Pre Login component in Oracle FLEXCUBE Direct Banking versions 12.0.1, 12.0.2, and...

Oracle FLEXCUBE Direct Banking Multiple Remote Security Vulnerabilities

Description Oracle FLEXCUBE Direct Banking is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'eMail' and 'Payments' components are affected. These vulnerabilities affect the following supported versions: 12.0.2, 12.0.3...

CVE-2017-3535

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2 and 12.0.3. Easily "exploitable" vulnerability allows unauthenticated attacker with...

CVE-2016-8301

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2016-8305

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows physical access to compromise...

Unspecified Vulnerability in Oracle Financial Services Software Oracle FLEXCUBE Direct Banking Component (CNVD-2016-02477)

Oracle Financial Services Software is a set of Oracle's core banking, online banking and property management financial services software, of which Oracle FLEXCUBE Direct Banking is a set of Internet and mobile banking solution components. An unspecified vulnerability exists in the Login...