Lucene search

K

BD Pyxis™ MedBank Security Vulnerabilities

cve
cve

CVE-2024-3486

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-05-15 05:15 PM
3
nvd
nvd

CVE-2024-3485

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information...

5.3CVSS

5AI Score

0.0004EPSS

2024-05-15 05:15 PM
nvd
nvd

CVE-2024-3486

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-05-15 05:15 PM
nvd
nvd

CVE-2024-3483

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization...

7.8CVSS

8.1AI Score

0.0004EPSS

2024-05-15 05:15 PM
cve
cve

CVE-2024-3483

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization...

7.8CVSS

7.6AI Score

0.0004EPSS

2024-05-15 05:15 PM
5
vulnrichment
vulnrichment

CVE-2024-3488 File Upload vulnerability in unauthenticated session found in iManager.

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without...

5.6CVSS

6.9AI Score

0.0004EPSS

2024-05-15 04:47 PM
cvelist
cvelist

CVE-2024-3488 File Upload vulnerability in unauthenticated session found in iManager.

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without...

5.6CVSS

5.8AI Score

0.0004EPSS

2024-05-15 04:47 PM
cvelist
cvelist

CVE-2024-3487 Broken Authentication vulnerability in iManager

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass...

3.5CVSS

4.4AI Score

0.0004EPSS

2024-05-15 04:47 PM
vulnrichment
vulnrichment

CVE-2024-3487 Broken Authentication vulnerability in iManager

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass...

3.5CVSS

6.9AI Score

0.0004EPSS

2024-05-15 04:47 PM
1
cvelist
cvelist

CVE-2024-3486 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...

7.8CVSS

7.8AI Score

0.0004EPSS

2024-05-15 04:46 PM
1
vulnrichment
vulnrichment

CVE-2024-3486 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-05-15 04:46 PM
vulnrichment
vulnrichment

CVE-2024-3485 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information...

5.3CVSS

6.5AI Score

0.0004EPSS

2024-05-15 04:45 PM
cvelist
cvelist

CVE-2024-3485 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-05-15 04:45 PM
cvelist
cvelist

CVE-2024-3484 Path Traversal vulnerability found in iManager

Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file...

5.7CVSS

5.9AI Score

0.0004EPSS

2024-05-15 04:44 PM
vulnrichment
vulnrichment

CVE-2024-3484 Path Traversal vulnerability found in iManager

Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file...

5.7CVSS

7AI Score

0.0004EPSS

2024-05-15 04:44 PM
cvelist
cvelist

CVE-2024-3483 Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization...

7.8CVSS

8.3AI Score

0.0004EPSS

2024-05-15 04:44 PM
cvelist
cvelist

CVE-2024-3967 Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object...

7.6CVSS

8.2AI Score

0.0004EPSS

2024-05-15 04:40 PM
vulnrichment
vulnrichment

CVE-2024-3967 Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object...

7.6CVSS

8AI Score

0.0004EPSS

2024-05-15 04:40 PM
cvelist
cvelist

CVE-2024-3968 Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload...

7.8CVSS

8.4AI Score

0.0004EPSS

2024-05-15 04:39 PM
vulnrichment
vulnrichment

CVE-2024-3968 Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload...

7.8CVSS

8.1AI Score

0.0004EPSS

2024-05-15 04:39 PM
cvelist
cvelist

CVE-2024-3970 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory...

5.3CVSS

5.5AI Score

0.0004EPSS

2024-05-15 04:39 PM
vulnrichment
vulnrichment

CVE-2024-3970 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory...

5.3CVSS

6.6AI Score

0.0004EPSS

2024-05-15 04:39 PM
cve
cve

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-05-14 04:15 PM
27
nvd
nvd

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
cve
cve

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-05-14 04:15 PM
28
nvd
nvd

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
1
vulnrichment
vulnrichment

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
vulnrichment
vulnrichment

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
hp
hp

Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-05-14 12:00 AM
7
mssecure
mssecure

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​

We are pleased to announce that Microsoft has been recognized as a Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).1 We believe our position in the Leaders quadrant validates our vision and continued investments in Microsoft Sentinel making it a...

7AI Score

2024-05-13 04:00 PM
5
ibm
ibm

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** IBM X-Force ID: PSIRT-ADV0103951 ...

6.2AI Score

2024-05-13 03:07 PM
8
rapid7blog
rapid7blog

Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM

Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report....

7.3AI Score

2024-05-13 03:06 PM
3
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...

5.9CVSS

7.4AI Score

0.001EPSS

2024-05-13 02:27 PM
12
ibm
ibm

Security Bulletin: Multiple vulnerabilities exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Details....

7.5CVSS

6.9AI Score

0.001EPSS

2024-05-13 11:52 AM
8
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause...

7.5CVSS

7.3AI Score

0.001EPSS

2024-05-10 06:32 PM
5
ibm
ibm

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries...

5.9CVSS

6.4AI Score

0.001EPSS

2024-05-09 07:33 PM
21
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes...

7.5CVSS

7.4AI Score

0.001EPSS

2024-05-08 07:24 PM
5
ibm
ibm

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by Host On-Demand. Host On-Demand has addressed the applicable CVE. This issue was disclosed as part of the IBM Semeru Runtime Quarterly CPU - Oct 2023 - Includes OpenJDK October 2023 CPU.....

7.8CVSS

6.2AI Score

0.0004EPSS

2024-05-08 04:16 AM
6
gentoo
gentoo

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....

9.8CVSS

7.4AI Score

0.023EPSS

2024-05-05 12:00 AM
6
mssecure
mssecure

Security above all else—expanding Microsoft’s Secure Future Initiative

Last November, we launched the Secure Future Initiative (SFI) to prepare for the increasing scale and high stakes of cyberattacks. SFI brings together every part of Microsoft to advance cybersecurity protection across our company and products. Since then, the threat landscape has continued to...

7.8AI Score

2024-05-03 02:55 PM
4
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus.

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Solaris. Vulnerability Details ** CVEID: CVE-2022-40609 DESCRIPTION: **IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote...

9.8CVSS

8.8AI Score

0.003EPSS

2024-05-02 02:18 PM
8
ibm
ibm

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by Host On-Demand. Host On-Demand has addressed the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle October 2023 Critical....

5.9CVSS

5.6AI Score

0.0004EPSS

2024-05-02 02:13 PM
10
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle April 2023 Critical Patch.....

9.1CVSS

6.7AI Score

0.001EPSS

2024-05-02 06:54 AM
6
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus have been addressed. Vulnerability Details ** CVEID: CVE-2023-22049 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow...

7.5CVSS

7.4AI Score

0.001EPSS

2024-05-01 06:20 PM
6
nvidia
nvidia

Security Bulletin: NVIDIA ChatRTX - May 2024

NVIDIA has released a software update for NVIDIA® ChatRTX. To protect your system, download and install this software update from the ChatRTX Download page. Go to NVIDIA Product Security. Details This section provides a summary of potential vulnerabilities that this security update addresses and...

7.5CVSS

7AI Score

0.0004EPSS

2024-05-01 12:00 AM
10
nvidia
nvidia

Security Bulletin: Triton Inference Server - April 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

9CVSS

7.8AI Score

0.0004EPSS

2024-05-01 12:00 AM
14
ibm
ibm

Security Bulletin: A vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2023-30441 DESCRIPTION: **IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0...

7.5CVSS

5.8AI Score

0.002EPSS

2024-04-30 04:44 PM
27
wallarmlab
wallarmlab

Introducing the Wallarm Q1 2024 API ThreatStats™ Report

As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we...

7.5AI Score

2024-04-30 03:02 PM
9
Total number of security vulnerabilities7896