Security Bulletin: IBM WebSphere Process Server Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)
## Abstract
Java API Documentation contains a frame injection vulnerability.
## Content
**VULNERABILITY DETAILS:**
**CVEID:** CVE-2013-1571
**DESCRIPTION:** HTML documentation generated by the ...
September 15, 2022
(RHSA-2022:6541) Moderate: php:7.4 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
* Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocke ...
September 15, 2022
(RHSA-2022:6542) Moderate: php:7.4 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
* Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocke ...
September 15, 2022
Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service by authenticated user due to Spring Framework (CVE-2022-22971)
## Summary
Spring Framework is vulnerable to a denial of service, caused by a flaw with a STOMP over WebSocket endpoint. By sending a specially-crafted request, a remote authenticated attacker could e ...
September 14, 2022
ruby:2.7 security, bug fix, and enhancement update
ruby
[2.7.6-138]
- Upgrade to Ruby 2.7.6.
Resolves: rhbz#2109424
- Fix FTBFS due to an incompatible load directive.
Related: rhbz#2109424
- Fix a fiddle import test on an optimized glibc on Power ...
September 14, 2022
Security Bulletin: Spoofing vulnerability in IBM Business Automation Workflow (CVE-2019-4045)
## Summary
A Spoofing vulnerability has been found in IBM Business Automation Workflow.
## Vulnerability Details
**CVEID:** CVE-2019-4045
**DESCRIPTION:** IBM Business Automation Workflow and IBM ...
September 14, 2022