Lucene search
+L

45 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31748

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00143EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-31744

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27444

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0042EPSS
Exploits0References1
NVD
NVD
added 2023/07/18 7:15 p.m.27 views

CVE-2023-28021

The BigFix WebUI uses weak cipher suites...

7.5CVSS0.00252EPSS
Exploits0References1
Prion
Prion
added 2023/07/18 7:15 p.m.23 views

Code injection

The BigFix WebUI uses weak cipher suites...

5CVSS7.6AI score0.00252EPSS
Exploits0References1
CVE
CVE
added 2023/07/18 7:7 p.m.41 views

CVE-2023-28023

The CVE-2023-28023 issue affects the BigFix WebUI Software Distribution interface (versions prior to 44). A cross-site request forgery allows an attacker to access files on server-side systems (server machine and networked hosts). The PT Security advisory for BigFix WebUI recommends upgrading to ...

6.5CVSS5.4AI score0.00143EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/18 6:55 p.m.11 views

CVE-2023-28021 BigFix WebUI is vulnerable to use of a risky cryptographic algorithm

The BigFix WebUI uses weak cipher suites...

5.9CVSS7AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/18 6:9 p.m.12 views

CVE-2023-28020 URL redirection affects BigFix WebUI

URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header...

4.7CVSS6.7AI score0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/18 5:57 p.m.12 views

CVE-2023-28019 An SQL injection affects BigFix WebUI API

Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...

5.5CVSS7.1AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/18 5:57 p.m.22 views

CVE-2023-28019 An SQL injection affects BigFix WebUI API

Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...

5.5CVSS8.9AI score0.00386EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.12 views

PT-2023-21486 · Hcl · Hcl Bigfix Webui

Name of the Vulnerable Software and Affected Versions: HCL BigFix WebUI affected versions not specified Description: The issue allows a malicious user to redirect the client browser to an external site via a redirect URL response header in the login page. Recommendations: At the moment, there is ...

6.1CVSS6AI score0.00318EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.6 views

PT-2023-21487 · Ibm · Bigfix Webui

Name of the Vulnerable Software and Affected Versions: BigFix WebUI affected versions not specified Description: The issue concerns the use of weak cipher suites by the BigFix WebUI. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

7.5CVSS7.5AI score0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.7 views

PT-2023-21489 · Ibm · Bigfix Webui

Name of the Vulnerable Software and Affected Versions: BigFix WebUI Software Distribution interface site versions prior to 44 Description: A cross-site request forgery issue in the BigFix WebUI Software Distribution interface site allows an NMO attacker to access files on server-side systems,...

6.5CVSS6.4AI score0.00143EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.15 views

PT-2023-21484 · Ibm · Bigfix Webui Api App

Name of the Vulnerable Software and Affected Versions: Bigfix WebUI API App versions prior to 14 Description: The issue is related to insufficient validation, allowing an authenticated WebUI user to issue SQL queries via an unparameterized SQL query. Recommendations: For versions prior to 14,...

8.8CVSS8.6AI score0.00386EPSS
Exploits0References3
NVD
NVD
added 2023/06/23 6:15 a.m.20 views

CVE-2023-23344

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

6.5CVSS4.5AI score0.0042EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 6:15 a.m.18 views

Code injection

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

4CVSS6.3AI score0.0042EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/23 5:2 a.m.13 views

CVE-2023-23344 HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

3CVSS6.7AI score0.0042EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/23 12:0 a.m.7 views

PT-2023-18917 · Ibm · Bigfix Webui Insights

Name of the Vulnerable Software and Affected Versions: BigFix WebUI Insights site version 14 Description: A permission issue allows an authenticated, unprivileged operator to access an administrator page. Recommendations: For BigFix WebUI Insights site version 14, update to a version that fixes t...

6.5CVSS7.1AI score0.0042EPSS
Exploits0References6
OSV
OSV
added 2022/12/21 5:15 p.m.9 views

CVE-2022-38655

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

5.8CVSS5.8AI score0.00384EPSS
Exploits0References1
Prion
Prion
added 2022/12/21 5:15 p.m.23 views

Xxe

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

5CVSS5.7AI score0.00384EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder