Latest Softwareag Vulnerabilities

CVE-2023-6578
Software AG WebMethods access control
>=10.11<=10.11.4
>=10.15<=10.15.4
CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a s...
Softwareag Webmethods=10.11
Microsoft Windows
CVE-2023-39017
** DISPUTED ** quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited...
Softwareag Quartz<=2.3.2
CVE-2021-40650
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set.
Softwareag Connx=6.2.0.1269
CVE-2021-40649
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set.
Softwareag Connx=6.2.0.1269
CVE-2021-33207
The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.
Softwareag Mashzone Nextgen<=10.7
CVE-2021-33523
MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occu...
Softwareag Mashzone Nextgen<=10.7
CVE-2021-33208
The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file.
Softwareag Mashzone Nextgen<=10.7
CVE-2021-33581
MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This o...
Softwareag Mashzone Nextgen<=10.7
CVE-2020-35469
The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote...
Softwareag Terracotta Server Oss=5.4.1
CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
redhat/rhvm-dependencies<0:4.4.0-1.el8e
IBM Data Risk Manager<=2.0.6
maven/org.quartz-scheduler:quartz<2.3.2
redhat/quartz<2.3.2
Softwareag Quartz<2.3.2
Oracle Apache Batik Mapviewer=12.2.0.1
and 178 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203