205 matches found
mrpeanutir.com Cross Site Scripting vulnerability OBB-2422573
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
blog.stellantisnorthamerica.com Cross Site Scripting vulnerability OBB-2336959
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Security Bulletin: WebSphere Application Server is vulnerable to a denial of service which can impact IBM Engineering Lifecycle Management (ELM) products based on IBM Jazz technology
Summary WebSphere Application Server is vulnerable to a denial of service CVE-2021-38951. This may affect IBM Engineering Products based on IBM Jazz technology. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: IBM Application Navigator is vulnerable to an remote attacker exploitation of Apache Log4j (CVE-2021-44228)
Summary The IBM Application Navigator contains a copy of Apache Log4j which is not used by the IBM Application Navigator function. Out of an abundance of caution this update removes the unused copy of Apache Log4j. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow ...
Python < 2.7.14, 3.4.x < 3.4.8, 3.5.x < 3.5.5 PyString_DecodeEscape integer overflow (bpo-30657) - Linux
CPython aka Python is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Security Bulletin: Security Vulnerabilities in IBM® Java SDK July 2021 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition from July 2021 CPU that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Security Directory Server
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Directory Server ISDS. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
travelmanagers.com.au Cross Site Scripting vulnerability OBB-2125991
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Advisory ROSA-SA-2021-1867
Software: libebml 1.3.9 OS: Cobalt 7.9 CVE-ID: CVE-2021-3405 CVE-Crit: MEDIUM CVE-DESC: A bug was found in libebml before version 1.4.2. A heap overflow bug exists in the EbmlString :: ReadData and EbmlUnicodeString :: ReadData implementations of libebml. CVE-STATUS: default CVE-REV: default...
Security Bulletin: Vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-3092)
Summary Apache Commons Fileupload vulnerability in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team...
Security Bulletin: Security Vulnerability in IBM® Java SDK affect IBM Rational Team Concert Apr 2019 CPU
Summary There is a security vulnerability in IBM® SDK Java Technology Edition, Version 1.7 and 1.8 that is used by Rational Team Concert RTC. This issue was disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability Details CVEID: CVE-2019-2602 DESCRIPTION: An unspecified...
Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager(CVE-2020-4949)
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerabilitiy affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of service...
Security Bulletin: A Security vulnerabilty has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager(CVE-2020-4629)
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
LY Corporation: Path traversal in a Tomcat server
A path traversal vulnerability was discovered in a Tomcat server, which allowed an attacker to access internal resources such as the administrator page. The vulnerability was caused by a misconfiguration between the reverse proxy and the WAS, and occurred when the attacker entered the string "..;...
Security Bulletin: Security vulnerabilty have been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager(CVE-2019-17566)
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
kolczykowo.pl Cross Site Scripting vulnerability OBB-1244779
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime
A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Security Bulletin: Security vulnerabilty have been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager( CVE-2020-4464 )
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...