CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE

Description

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/226328

https://www.ibm.com/support/pages/node/6890697

For More Information

MITRE

Common Vulnerabilities and Exposures

CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION

Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely

CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD

Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and

CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD

Description baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system