Security Bulletin: Multiple Vulnerabilities in IBM Tivoli Netcool/OMNIbus_GUI

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool/OMNIbusGUI 8.1.0 Fix Pack 41. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible i...

EUVD-2022-5067

Malicious code in bioql PyPI...

GHSA-R2PG-W96P-PCPJ ws-xmlrpc DoS Vulnerability

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

CVE-2019-17570

The CVE-2019-17570 issue affects Apache XML-RPC (ws-xmlrpc) Java library. Root cause: untrusted deserialization in XmlRpcResponseParser:addResult that could allow a malicious XML-RPC server to cause arbitrary code execution on a vulnerable client. Impact: high (remote code execution) with network...

NewStart CGSL MAIN 4.05 : xmlrpc3 Vulnerability (NS-SA-2019-0136)

The remote NewStart CGSL host, running version MAIN 4.05, has xmlrpc3 packages installed that are affected by a vulnerability: - A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use...

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

CVE-2016-5003

The CVE-2016-5003 issue affects Apache XML-RPC (ws-xmlrpc) v3.1.3 as used in Apache Archiva. It enables remote code execution via deserialization of untrusted Java objects in an ex:serializable element. Public docs (NVD) cite a high/critical impact with network access and no authentication, and m...

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

CVE-2016-5004

CVE-2016-5004 : The vulnerability is in the Content-Encoding header handling in ws-xmlrpc 3.1.3 as used in Apache Archiva, allowing remote attackers to cause a denial of service via decompressing a large file containing zeroes. Documented details confirm the affected component and the impact on a...

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...