CVE-2016-9981
IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user’s session. IBM X-Force ID: 120257
Read MoreAuthor: Cyberthreat Blog
CVE-2017-1468
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-force ID: 128467.
Read MoreCVE-2017-1383
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or...
Read MoreCloud Service Agreements (Part 16 of 20: CERT Best Practices to Mitigate Insider Threats Series)
The 16th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 16: Define explicit security agreements for any cloud services, especially access restrictions and...
Read MoreCVE-2017-11364
The CMS installer in Joomla! before 3.7.4 does not verify a user’s ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency...
Read More