BD Pyxis™ MedBank Security Vulnerabilities

nvidia

Security Bulletin - Omniverse Launcher - August 2023

NVIDIA has released a software update for the Omniverse Workstation Launcher to address a security issue that may lead to information disclosure. To protect your system, download and apply the update for the Omniverse platform that you are using. If you are using the licensed NVIDIA Omniverse...

5.3 CVSS

6.4 AI Score

0.0005 EPSS

2023-08-03 12:00 AM
7
wallarmlab

Beware of BOLA (IDOR) Vulnerabilities in Web Apps and APIs

Introduction In a recent advisory, the Cybersecurity and Infrastructure Security Agency (CISA) warned vendors, designers, developers, and end-user organizations of web applications about the dangers posed by Insecure Direct Object Reference (IDOR) vulnerabilities, now commonly referred to as BOLA.....

7.1 AI Score

2023-08-02 01:38 PM
17
ibm

Security Bulletin: CVE-2022-40609 affects IBM® SDK, Java™ Technology Edition

Summary CVE-2022-40609 affects the Object Request Broker (ORB) in IBM SDK, Java Technology Edition. An update has been released to address the vulnerability. Vulnerability Details CVEID: CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition could allow a remote attacker to execute...

9.8 CVSS

7.1 AI Score

0.003 EPSS

2023-08-01 10:21 AM
34
amd

Software based Power Side Channel on AMD CPUs

Bulletin ID: AMD-SB-7006 Potential Impact: Information disclosure Severity: Low Summary A potential leakage of data using software-based power side channels on AMD CPUs was reported to AMD. This issue has also been referred to as ‘Collide + Power’. CVE Details Refer to Glossary for explanation of...

4.7 CVSS

6.9 AI Score

0.0004 EPSS

2023-08-01 12:00 AM
12
ibm

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2023-21967, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937)

Summary IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2023-21967, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937). The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache.....

5.9 CVSS

6.2 AI Score

0.001 EPSS

2023-07-31 10:49 PM
18
wallarmlab

2023 OWASP Top-10 Series: API1:2023 Broken Object Level Authorization

Welcome to the 2nd post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API1:2023 Broken Object Level Authorization. In this series we are taking an in-depth look at each category – the details, the...

7.7 AI Score

2023-07-29 01:45 PM
17
ibm

Security Bulletin: A vulnerability in IBM Java Runtime used by the IBM Installation Manager and IBM Packaging Utility

Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE and we recommend updating to the latest version to remediate....

7.4 CVSS

6.1 AI Score

0.001 EPSS

2023-07-27 11:00 PM
20
packetstorm

7.1 AI Score

2023-07-27 12:00 AM
109
packetstorm

7.1 AI Score

2023-07-26 12:00 AM
123
vulnerlab

7.1 AI Score

2023-07-26 12:00 AM
148
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Decision Optimization for IBM Cloud Private for Data (ICP4Data)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Decision Optimization for ICP4Data. IBM Decision Optimization for ICP4Data has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

3.7 CVSS

1.3 AI Score

0.018 EPSS

2023-07-25 03:28 PM
7
thn

How MDR Helps Solve the Cybersecurity Talent Gap

How do you overcome today's talent gap in cybersecurity? This is a crucial issue — particularly when you find executive leadership or the board asking pointed questions about your security team's ability to defend the organization against new and current threats. This is why many security leaders.....

6.6 AI Score

2023-07-25 10:18 AM
24
cve

CVE-2023-20593

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive...

5.5 CVSS

6.9 AI Score

0.001 EPSS

2023-07-24 08:15 PM
229
cve

CVE-2023-3322

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.1 CVSS

7.9 AI Score

0.001 EPSS

2023-07-24 06:15 PM
30
nvd

CVE-2023-3322

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.1 CVSS

7.4 AI Score

0.001 EPSS

2023-07-24 06:15 PM
cve

CVE-2023-3323

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

5.9 CVSS

5.5 AI Score

0.0004 EPSS

2023-07-24 06:15 PM
19
nvd

CVE-2023-3324

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

7.5 CVSS

6.6 AI Score

0.001 EPSS

2023-07-24 06:15 PM
nvd

CVE-2023-3321

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.8 CVSS

7.4 AI Score

0.001 EPSS

2023-07-24 06:15 PM
nvd

CVE-2023-3323

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

5.4 CVSS

5.8 AI Score

0.0004 EPSS

2023-07-24 06:15 PM
cve

CVE-2023-3324

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

7.5 CVSS

7.4 AI Score

0.001 EPSS

2023-07-24 06:15 PM
32
cve

CVE-2023-3321

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.8 CVSS

8.5 AI Score

0.001 EPSS

2023-07-24 06:15 PM
28
prion

Design/Logic Flaw

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

5.4 CVSS

5.5 AI Score

0.0004 EPSS

2023-07-24 06:15 PM
2
prion

Design/Logic Flaw

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.1 CVSS

7.9 AI Score

0.001 EPSS

2023-07-24 06:15 PM
8
prion

Design/Logic Flaw

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

7.5 CVSS

7.4 AI Score

0.001 EPSS

2023-07-24 06:15 PM
9
prion

Design/Logic Flaw

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

8.8 CVSS

8.5 AI Score

0.001 EPSS

2023-07-24 06:15 PM
6
cvelist

CVE-2023-3324 Insecure deserialization in zenon internal DLLs

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

6.3 CVSS

7.7 AI Score

0.001 EPSS

2023-07-24 05:20 PM
cvelist

CVE-2023-3323 Code Execution through overwriting project file on zenon engineering studio system

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

5.9 CVSS

5.9 AI Score

0.0004 EPSS

2023-07-24 05:17 PM
cvelist

CVE-2023-3322 Code Execution through overwriting service executable in utilities directory

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

7 CVSS

8.2 AI Score

0.001 EPSS

2023-07-24 05:12 PM
cvelist

CVE-2023-3321 Code Execution through Writable Mosquitto Configuration File

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts......

7 CVSS

8.8 AI Score

0.001 EPSS

2023-07-24 05:06 PM
mssecure

Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats

It has been an eventful time since the introduction of Microsoft Security Experts. We launched Defender Experts for Hunting, our first-party managed threat hunting service for customers who want Microsoft to help them proactively hunt threats across endpoints, Microsoft Office 365, cloud...

6.7 AI Score

2023-07-24 04:00 PM
6
trendmicroblog

Trend Vision One™ - A Cybersecurity Consolidation Path

A single-platform approach delivers value greater than the sum of its...

7.1 AI Score

2023-07-24 12:00 AM
9
vulnerlab

7.1 AI Score

2023-07-24 12:00 AM
151
amd

Cross-Process Information Leak

Bulletin ID: AMD-SB-7008 Potential Impact: Information disclosure Severity: Medium Summary Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may.....

5.5 CVSS

7 AI Score

0.001 EPSS

2023-07-24 12:00 AM
16
ibm

Security Bulletin: Vulnerability in IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVE. The issue was disclosed as part of the IBM Java SDK and Runtime Environment update from part of Oracle's April 2023 Critical Patch Update......

7.4 CVSS

6 AI Score

0.001 EPSS

2023-07-22 12:08 AM
7
ibm

Security Bulletin: Vulnerability in IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVEs. This issue was disclosed as part of the IBM Java SDK and Runtime Environment updates in CVE-2023-30441. Vulnerability Details CVEID:...

7.5 CVSS

5.9 AI Score

0.002 EPSS

2023-07-21 08:53 PM
6
vulnerlab

7.1 AI Score

2023-07-21 12:00 AM
158
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java...

9.1 CVSS

7.2 AI Score

0.001 EPSS

2023-07-20 08:31 PM
11
cve

CVE-2023-32265

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...

7.1 CVSS

6.3 AI Score

0.0005 EPSS

2023-07-20 02:15 PM
18
nvd

CVE-2023-32265

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...

6.5 CVSS

6.8 AI Score

0.0005 EPSS

2023-07-20 02:15 PM
prion

Race condition

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...

6.5 CVSS

6.3 AI Score

0.0005 EPSS

2023-07-20 02:15 PM
6
cvelist

CVE-2023-32265 Mitigations and availability of updates relating to security vulnerability in ESCWA component CVE-2023-32265.

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...

7.1 CVSS

7 AI Score

0.0005 EPSS

2023-07-20 01:01 PM
vulnerlab

7.1 AI Score

2023-07-20 12:00 AM
140
wallarmlab

Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!

Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This report provides everyone involved in API development, security and...

7 AI Score

2023-07-19 01:12 PM
8
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
108
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
99
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
109
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
94
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
103
packetstorm

7.1 AI Score

2023-07-19 12:00 AM
100
vulnerlab

7.1 AI Score

2023-07-19 12:00 AM
118
Total number of security vulnerabilities: 7896