Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

## Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, Java SE and various other libraries. ## Vulnerability Details ** CVEID: **[CVE-2 ...

Continue Reading
Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities

## Summary IBM Security Guardium Insights has addressed the following vulnerabilities. ## Vulnerability Details ** CVEID: **[CVE-2019-12399]() ** DESCRIPTION: **Apache Kafka could allow a remote attac ...

Continue Reading
Join Qualys at Black Hat USA 2022!

![](https://blog.qualys.com/wp-content/uploads/2022/07/blackhat2022_Tradeshow_Email_Banner_Desktop_1216x530.jpg) Need to get more security? As a Titanium Sponsor of [**Black Hat USA 2022**]() Qualys w ...

Continue Reading
CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls.Read More ...

Continue Reading
CVE-2022-24405

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.Read More ...

Continue Reading
CVE-2022-36900

Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system ...

Continue Reading
Security update for python-M2Crypto (important)

An update that fixes one vulnerability is now available. Description: This update for python-M2Crypto fixes the following issues: - CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA ...

Continue Reading
JVN#40907489: “Hulu / ????” App for Android uses a hard-coded API key for an external service

"Hulu / ????" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service ([CWE-798]()). ## Impact The hard-coded API key may be retrieved via reverse-engineering ...

Continue Reading

Back to Main

Subscribe for the latest news: