17 matches found
EUVD-2020-25822
Malware in sbrugna...
Security Bulletin: Potential Security Vulnerability fixed in WebSphere Virtual Enterprise (CVE-2013-5425)
Abstract Potential Security vulnerability fixed in WebSphere Virtual Enterprise Content VULNERABILITY DETAILS: CVE ID:CVE-2013-5425PM93828 DESCRIPTION: IBM WebSphere Virtual Enterprise may be vulnerable to cross-site scripting in the Administration Console caused by improper validation of...
Elevation of privilege vulnerabilities in multiple Huawei products
Huawei eCNS280TD is a core network device for the wireless broadband trunking system from Huawei China. Huawei ESE620X vESS is a virtual enterprise service controller from Huawei China. An elevation of privilege vulnerability exists in several Huawei products. The vulnerability stems from the fac...
Huawei eCNS280_TD and ESE620X vESS out-of-bounds read vulnerability
Huawei eCNS280TD is a core network device for Huawei's wireless broadband trunking system. Huawei ESE620X vESS is a virtual enterprise service controller from Huawei, China. Huawei eCNS280TD and ESE620X vESS are vulnerable to an out-of-bounds read vulnerability. An attacker can exploit this...
Huawei eCNS280_TD and ESE620X vESS licensing issue vulnerability
Huawei eCNS280TD is a core network device for the wireless broadband trunking system of Huawei China. Huawei ESE620X vESS is a virtual enterprise service controller of Huawei China. Huawei eCNS280TD and ESE620X vESS are vulnerable to an authorization issue that vulnerability stems from file acces...
CVE-2020-4575
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured...
Security Bulletin: WebSphere Application Server ND is vulnerable to cross-site scripting (CVE-2020-4575)
Summary WebSphere Application Server ND is vulnerable to cross-site scripting. This has been addressed. Vulnerability Details CVEID: CVE-2020-4575 DESCRIPTION: IBM WebSphere Application Server ND is vulnerable to cross-site scripting when High Availability Deployment Manager is configured. CVSS...
Security Bulletin: Remote code execution vulnerability in WebSphere Application Server ND (CVE-2020-4448)
Summary There is a remote code execution vulnerability in WebSphere Application Server Network Deployment. This has been addressed. Vulnerability Details CVEID: CVE-2020-4448 DESCRIPTION: IBM WebSphere Application Server Network Deployment could allow a remote attacker to execute arbitrary code o...
Security Bulletin: Remote code execution in WebSphere Application Server ND (CVE-2019-4279)
Summary There is a remote code execution vulnerability in WebSphere Application Server Network Deployment. Vulnerability Details CVEID: CVE-2019-4279 DESCRIPTION: IBM WebSphere Application Server ND could allow a remote attacker to execute arbitrary code on the system with a specially-crafted...
Security Bulletin: Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4030)
Summary There is a potential cross-site scripting vulnerability in the Admin Console for WebSphere Application Server. Vulnerability Details CVEID: CVE-2019-4030 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
IBM WebSphere Application Server and WebSphere Virtual Enterprise Information Disclosure Vulnerability
IBM WebSphere Application Server WAS and WebSphere Virtual Enterprise WVE are both products of IBM Corporation, U.S.A. WAS is an application server product; WVE is a set of application server virtualization solutions. There are security vulnerabilities in IBM WAS and WVE. A remote attacker could...
IBM WebSphere Application Server and WebSphere Virtual Enterprise Local Privilege Vulnerability
IBM WebSphere Application Server WAS and WebSphere Virtual Enterprise WVE are both products of IBM Corporation, U.S.A. WAS is an application server product; WVE is a set of application server virtualization solutions. The IBM WebSphere Application Server and WebSphere Virtual Enterprise local...
Cross site scripting
Cross-site scripting XSS vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 before 6.1.1.6 and 7.0 before 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2013-5425
IBM WebSphere Virtual Enterprise CVE-2013-5425 is an XSS vulnerability in the Administration Console exploitable by remote authenticated users via a crafted URL. Affected versions: VE 6.1 prior to 6.1.1.6 and VE 7.0 prior to 7.0.0.4. Mitigation: apply theFix Pack/Interim Fix PM93828. For VE 7.0, ...
CVE-2012-3330
The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service daemon outage via a crafted request...
IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
Overview IBM WebSphere Application Server WAS contains a denial-of-service DoS vulnerability. IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. According to the developer: " For other IBM software products that contain...
JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact A remote attacker may cause a denial-of-service DoS. Solution Apply a patch Apply the appropriate patch according to the information provided by the developer...