BD Pyxis™ SupplyStation™ RF Auxiliary Security Vulnerabilities
7.1AI Score
7.1AI Score
7.1AI Score
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects TPF Toolkit
Summary A vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ that is used by TPF Toolkit has been addressed. Vulnerability Details ** CVEID: CVE-2023-21967 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related...
5.9CVSS
6.1AI Score
0.001EPSS
Security Bulletin: NVIDIA DGX A100 and DGX A800 - June 2023
NVIDIA has released a firmware security update for the NVIDIA DGX™ A100 system and the NVIDIA DGX A800 system. This update addresses issues that may lead to code execution, denial of service, data tampering, escalation of privileges, and information disclosure. To protect your system, download and....
9.8CVSS
8.3AI Score
0.003EPSS
How Talos IR’s Purple Team can help you prepare for the worst-case scenario
Purple Team exercises are included within the Cisco Talos Incident Response Retainer service and our experts can help your organization find security holes before the bad guys can. As your trusted advisor, our purple team, which is a combination of both red and blue teams, emulates one joint...
7.1AI Score
Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix updates the Java Runtime Environment to resolve the following vulnerabilities. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An...
9.1CVSS
8AI Score
0.002EPSS
Summary IBM OpenPages with Watson has addressed sensitive information exposure vulnerability caused by CVE-2023-30441. There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM OpenPages with Watson. The CVE(s) listed in this document might affect some...
7.5CVSS
6.2AI Score
0.002EPSS
Security Bulletin: NVIDIA CUDA Toolkit - June 2023
NVIDIA has released a software update for NVIDIA® CUDA® Toolkit software. This update addresses security issues that may lead to partial denial of service. To protect your system, download and install this software update from the CUDA Toolkit Downloads page. Go to NVIDIA Product Security. Details....
3.3CVSS
6.3AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in October 2018. ...
5.6CVSS
0.8AI Score
0.003EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in July 2018. ...
4.3CVSS
0.7AI Score
0.003EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2018. ...
7.4CVSS
1.3AI Score
0.003EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in January...
8.3CVSS
1.3AI Score
0.004EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in October...
6.2CVSS
0.7AI Score
0.001EPSS
Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control
Drones that don't have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling a threat actor to achieve arbitrary code execution and compromise their functionality and safety. The research comes from IOActive, which found that it...
7.8AI Score
CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million
Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment schemes....
6.6AI Score
Summary CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could...
5.3CVSS
7.9AI Score
0.001EPSS
Summary CVE-2022-21426 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could...
5.3CVSS
6AI Score
0.001EPSS
Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE related to the...
5.3CVSS
4.8AI Score
0.001EPSS
Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE related to the...
5.3CVSS
4.8AI Score
0.001EPSS
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable issues: CVE-2023-21830, CVE-2023-21843. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified...
5.3CVSS
4.9AI Score
0.001EPSS
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues: CVE-2023-21830, CVE-2023-21843. Vulnerability Details ** CVEID: CVE-2023-21830 DESCRIPTION: **An unspecified vulnerability in Java SE...
5.3CVSS
4.9AI Score
0.001EPSS
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable issue, CVE-2022-21426. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE.....
5.3CVSS
6AI Score
0.001EPSS
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issue, CVE-2022-21426. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP.....
5.3CVSS
4.9AI Score
0.001EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
6.8AI Score
Summary Vulnerabilities (CVE-2023-21830, CVE-2023-21843) exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected...
5.3CVSS
6.3AI Score
0.001EPSS
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8.0.7.20 and earlier, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and...
5.3CVSS
6.3AI Score
0.001EPSS
Security Bulletin: NVIDIA GPU Display Driver - June 2023
NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. To protect your system, download and install this software update...
8.8CVSS
8.5AI Score
0.001EPSS
Shandong Zhongchuang Software Commercial Middleware Co., Ltd. is a company whose business scope includes sales and maintenance services of computers, software and auxiliary equipment, electronic equipment, computer network equipment, etc. A file upload vulnerability exists in the inforsuiteAS...
7.2AI Score
I like to MOVEit, MOVEit, We like to MOVEit! Party hard just like it's Mardi Gras! bwatters-r7 delivered the dance moves this week with a masterful performance. The windows/http/moveit_cve_2023_34362 module is available for all your party needs, taking advantage of CVE-2023-34362, this module...
9.8CVSS
8.2AI Score
0.969EPSS
NVIDIA has released a software update for NVIDIA® Jetson AGX Xavier™ series, Jetson Xavier™ NX, Jetson TX1, Jetson TX2 series (including Jetson TX2 NX), and Jetson Nano™ devices (including Jetson Nano 2GB) in the NVIDIA JetPack™ software development kit (SDK). The update addresses security issues.....
7.1CVSS
6.9AI Score
0.001EPSS
Summary There was a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVE. This issue was disclosed as part of the IBM Java XML vulnerability...
5.3CVSS
5.9AI Score
0.001EPSS
Summary There was a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVE. This issue was disclosed as part of the Java Technology Edition...
5.3CVSS
6AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....
6.6AI Score
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM® Java SDK...
10AI Score
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
Summary This bulletin covers all applicable Java SE CVEs published by Oracle as part of their April 2023 Critical Patch Update, plus CVE-2023-2597. For more information please refer to Oracle's April 2023 CPU Advisory and the X-Force database entries referenced below. Vulnerability Details **...
9.1CVSS
7.7AI Score
0.002EPSS
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices, the speed and flexibility that IaC provides can also introduce the potential for misconfigurations and security vulnerabilities. IaC allows organizations...
7AI Score
7.1AI Score
This module mocks an LDAP service to capture authentication information of a client trying to authenticate against an LDAP...
7.2AI Score
Metasploit T-Shirt Design Contest In honor of Metasploit's 20th anniversary, Rapid7 is launching special edition t-shirts - and we're inviting members of our community to have a hand in its creation. The contest winner will have their design featured on the shirts, which will then be available to.....
9.8CVSS
9.6AI Score
0.973EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2022-21628 DESCRIPTION:...
5.3CVSS
6.6AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2022-21628 ...
5.3CVSS
6.6AI Score
0.002EPSS
Your New AI Assistant: Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full...
7AI Score
Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full...
7AI Score
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the...
7.8CVSS
7.7AI Score
0.0004EPSS
Unbreakable Enterprise kernel security update
[5.15.0-102.110.5] - RISC-V: Fix up a cherry-pick warning in setup_vm_final() (Alexandre Ghiti) - Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (Liu Jian) - riscv: mm: remove redundant parameter of create_fdt_early_page_table (Song Shuai) - kernfs:...
7.8CVSS
8.5AI Score
0.0004EPSS
Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave
In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and...
6.6AI Score
Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave
In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and...
6.6AI Score
Cisco IOS HTTP Configuration - Authentication Bypass
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the...
6.8AI Score
0.877EPSS
MOVEit It has been a busy few weeks in the security space; the MOVEit vulnerability filling our news feeds with dancing lemurs and a Barracuda vulnerability that has us all wondering how many shredders out there can handle a 1U appliance. Despite those very worthwhile distractions, Metasploit has.....
9.8CVSS
8.1AI Score
0.97EPSS