16 matches found
EUVD-2015-4368
Malware in sbrugna...
EUVD-2019-0201
Malware in sbrugna...
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to denial of service vulnerability in Node.js ws module [ CVE-2024-37890]
Summary Potential denial of service vulnerability in Node.js ws module CVE-2024-37890 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Cognos Analytics Mobile (iOS) is affected by multiple vulnerabilities
Summary There are vulnerabilities in Open Source Software OSS libraries consumed by IBM Cognos Analytics Mobile. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, vulnerabilites related to CORS misconfiguration and Certificate Pinning have been...
Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a denial of service (CVE-2024-37890)
Summary There is a vulnerability in Node.js ws module used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-37890 DESCRIPTION: Node.js ws module is vulnerable to a...
Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities (CVE-2024-37890, CVE-2024-37891)
Summary IBM Security QRadar EDR Software includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in an update. Vulnerability Details CVEID:CVE-2024-37890 DESCRIPTION: Node.js ws module is vulnerable to a denia...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
DEBIAN-CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
Design/Logic Flaw
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
CVE-2016-10518 affects the ws Node.js WebSocket module (pre-1.0.0). The vulnerability arises in the ping pathway: data from a ping frame is converted to a Buffer without validating the type, causing memory disclosure when non-zero-sized buffers are used. Affected versions are ws before 1.0.0; mit...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
node. js remote memory disclosure vulnerability-vulnerability warning-the black bar safety net
Recently, in allows users to simply send a ping data frame to the allocated memory of the ws module found in the presence of the vulnerability. The vulnerability will reject a user request to send data, allowing users to send a ping data frame function failure, prior to that, it will also increas...