Lucene search
K

53 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.23 views

Security Bulletin: IBM Asset Data Dictionary Component uses zipp-3.15.0-py3-none-any.whl and urllib3-2.0.7-py3-none-any.whl which is vulnerable to CVE-2024-5569 and CVE-2024-37891

Summary IBM Asset Data Dictionary Component uses zipp-3.15.0-py3-none-any.whl and urllib3-2.0.7-py3-none-any.whl which is vulnerable to CVE-2024-5569 and CVE-2024-37891. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-5569...

6.5CVSS7AI score0.01141EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.28 views

Security Bulletin: IBM Asset Data Dictionary uses jline-3.9.0.jar and zookeeper-3.9.2.jar which is vulnerable to CVE-2023-50572 and CVE-2024-51504

Summary IBM Asset Data Dictionary uses jline-3.9.0.jar and zookeeper-3.9.2.jar which is vulnerable to CVE-2023-50572 and CVE-2024-51504. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-50572 DESCRIPTION: JLine is vulnerable to a...

9.1CVSS7.2AI score0.00924EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/11/13 4:15 p.m.2 views

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

6.2CVSS5.8AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/13 3:22 p.m.13 views

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

7.1CVSS6.6AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/13 12:0 a.m.5 views

PT-2024-38244 · Telerik · Telerik Report Server

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2024 Q4 10.3.24.1112 Description: The encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. Recommendations: For versions...

7.1CVSS7.1AI score0.00106EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.4 views

Progress Telerik Report Server 信任管理问题漏洞

Progress Telerik Report Server is an enterprise-class report management and distribution solution from Progress, Inc. A trust management issue vulnerability exists in versions of Progress Telerik Report Server prior to 2024 Q4, which stems from an older algorithm used to encrypt local asset data,...

7.1CVSS6.4AI score0.00106EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:9 a.m.38 views

Security Bulletin: IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses third party libraries which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses FlaskCors-4.0.1-py2.py3-none-any.whl, requests-2.31.0-py3-none-any.whl, express-4.19.2.tgz, commons-compress-1.22.jar, commons-io-2.11.0.jar, urllib3-1.26.18-py2.py3-none-any.whl,...

8.1CVSS7.9AI score0.01241EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/21 2:34 p.m.17 views

Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436

Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...

7.5CVSS7AI score0.01009EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/19 3:48 p.m.20 views

Security Bulletin:IBM Asset Data Dictionary Component uses aircompressor-0.21.jar which is vulnerable to CVE-2024-36114

Summary IBM Asset Data Dictionary Component uses aircompressor-0.21.jar which is vulnerable to CVE-2024-36114. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-36114 DESCRIPTION: airlift aircompressor could allow a local attacker...

8.6CVSS8.1AI score0.00504EPSS
Exploits0Affected Software1
Qualys Blog
Qualys Blog
added 2024/08/09 7:44 p.m.17 views

Subscription Health Dashboard Update: Optimize Deployments and Identify Issues

For VM teams navigating the complex realm of cybersecurity tools, ensuring deployment health is paramount. Swift methods are required to pinpoint issues amidst complexity. Challenges such as duplicate entries, ghost hosts, and decommissioned devices can obstruct these views, hindering data...

7.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/15 7:28 a.m.26 views

Security Bulletin: IBM Asset Data Dictionary Component uses netty-codec-http-4.1.100.Final.jar which is vulnerable to CVE-2024-29025

Summary IBM Asset Data Dictionary Component uses netty-codec-http-4.1.100.Final.jar which is vulnerable to CVE-2024-29025. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is vulnerable to a denial of...

5.3CVSS5.6AI score0.0138EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:47 a.m.35 views

Security Bulletin: IBM Asset Data Dictionary Component uses jose4j-0.9.3.jar which is vulnerable to CVE-2023-51775.

Summary IBM Asset Data Dictionary Component uses jose4j-0.9.3.jar which is vulnerable to CVE-2023-51775. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2023-51775 DESCRIPTION: jose4j is vulnerable to a denial of service, caused ...

6.5CVSS6.6AI score0.00879EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:44 a.m.33 views

Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642

Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...

9.1CVSS7.6AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:44 a.m.30 views

Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642

Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...

9.1CVSS7.6AI score0.01762EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/15 11:57 a.m.27 views

Security Bulletin: IBM Asset Data Dictionary Component uses urllib3 which is vulnerable to CVE-2023-43804

Summary IBM Asset Data Dictionary Component uses urllib3 which is vulnerable to CVE-2023-43804. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain...

8.1CVSS6.8AI score0.01207EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/02 11:0 a.m.30 views

Security Bulletin:IBM Asset Data Dictionary Component uses vertx-core-4.5.0.jar which is vulnerable to CVE-2024-1023 and CVE-2024-1300.

Summary IBM Asset Data Dictionary Component uses vertx-core-4.5.0.jar which is vulnerable to CVE-2024-1023 and CVE-2024-1300. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-1023 DESCRIPTION: Eclipse Vert.x is vulnerable to a...

6.5CVSS6AI score0.01639EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/02 5:16 p.m.36 views

Security Bulletin: IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634.

Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a...

7.5CVSS7.5AI score0.0082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/20 11:24 a.m.37 views

Security Bulletin: IBM Maximo Application Suite uses urllib3-2.0.3-py3-none-any.whl which is vulnerable to CVE-2023-45803

Summary BM Maximo Application Suite uses urllib3-2.0.3-py3-none-any.whl which is vulnerable to CVE-2023-45803. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticated attacke...

4.2CVSS6.1AI score0.00544EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/12 9:30 a.m.18 views

Security Bulletin: IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920

Summary IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tug...

9.8CVSS8.4AI score0.00468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/29 1:40 p.m.43 views

Security Bulletin: There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462 and CVE-2023-44487)

Summary There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel...

7.5CVSS7.9AI score0.99999EPSS
Exploits20Affected Software1
Rows per page
Query Builder