6 matches found
CVE-2025-36335 Vulnerabilities found
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user...
CVE-2025-36066
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadi...
Security Bulletin: Due to use of Connect2id Nimbus JOSE+JWT, IBM Watson Studio in Cloud Pak for Data is affected by denial of service
Summary Connect2id Nimbus JOSE+JWT is used by Watson Studio in Cloud Pak for Data. Vulnerability Details CVEID:CVE-2023-52428 DESCRIPTION: In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource consumption via a large JWE p2c header value aka iteration cou...
CVE-2025-54793
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
org.apereo.cas:cas-management-webapp-configuration (>=5.3.1 <=5.3.3), org.apereo.cas:cas-management-webapp-support (>=5.2.0-RC2 <=5.3.3) +214 more potentially affected by CVE-2019-10754 via org.apereo.cas:cas-server-core-services-api (>=5.2.0-RC2 <=6.1.0-RC4)
org.apereo.cas:cas-server-core-services-api MAVEN version =5.2.0-RC2, =5.3.1, =5.2.0-RC2, =5.3.1, =6.1.0-RC2, =6.0.0-RC4, =6.0.0-RC4, =5.2.0, =6.0.0, =5.2.0, =5.2.0, =5.3.0, =5.3.0, =5.2.0, =5.2.0, =5.2.0, =6.1.0-RC4 and more Source cves: CVE-2019-10754 Source advisory: OSV:GHSA-G24W-373R-5PXG...
CVE-2016-8324
Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...