Lucene search
K

488 matches found

Cvelist
Cvelist
added 2026/02/03 10:12 p.m.26 views

CVE-2025-36033 IBM Engineering Lifecycle Management - Global Configuration Management is vulnerable to cross-site scripting

IBM Engineering Lifecycle Management - Global Configuration Management 7.0.3 through 7.0.3 Interim Fix 017, and 7.1.0 through 7.1.0 Interim Fix 004 IBM Global Configuration Management is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary...

5.4CVSS0.00136EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.6 views

IBM Engineering Lifecycle Management - Global Configuration Management 跨站脚本漏洞

IBM Engineering Lifecycle Management - Global Configuration Management is a configuration management software provided by IBM Corporation. Versions 7.0.3 to 7.0.3 Interim Fix 017 and 7.1.0 to 7.1.0 Interim Fix 004 of IBM Engineering Lifecycle Management - Global Configuration Management contain...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 6:59 a.m.7 views

Security Bulletin: IBM Engineering Lifecycle Management - Global Configuration Management is vulnerable to cross-site scripting

Summary Cross-site scripting vulnerability has been identified in IBM Engineering Lifecycle Management - Global Configuration Management. Vulnerability Details CVEID:CVE-2025-36033 DESCRIPTION: IBM Global Configuration Management is vulnerable to cross-site scripting. This vulnerability allows an...

5.4CVSS5.5AI score0.00136EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 6:51 a.m.9 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in FasterXML jackson-databind

Summary Vulnerabilities have been identified in FasterXML jackson-databind, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion ca...

7.5CVSS7.3AI score0.17611EPSS
Exploits5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.9 views

CVE-2023-45190

IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.7 views

CVE-2024-41763

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS6.5AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.8 views

CVE-2024-41768

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state...

6.5CVSS6.7AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.11 views

CVE-2024-39725

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3CVSS6.1AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.9 views

CVE-2024-41767

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

7.3CVSS7.4AI score0.00303EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/29 10:23 p.m.8 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by stored Cross-Site Scripting

Summary A vulnerability has been addressed by IBM Engineering Lifecycle Management - Jazz Foundation, related to stored Cross-Site Scripting. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details CVEID:CVE-2025-1826 DESCRIPTION: IBM Engineerin...

5.4CVSS6AI score0.00166EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/15 7:23 a.m.7 views

Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server could provide weaker than expected security due to crypto.js (CVE-2020-36732)

Summary A vulnerability in crypto.js library affects IBM WebSphere Application Server Liberty with the openidConnectServer-1.0 feature enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this bulletin: Global Configuration Management,...

5.3CVSS6.8AI score0.01075EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/09 2:41 p.m.6 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Improper Access Control vulnerability in Apache Commons

Summary Apache Commons BeanUtils: PropertyUtilsBean Does Not Suppresses An Enum's DeclaredClass Property By Default. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle Optimization - Publishing...

8.8CVSS9.1AI score0.01495EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/08 11:16 a.m.4 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Uncontrolled Recursion vulnerability in Apache Commons Lang

Summary Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... Can Throw A StackOverflowError On Very Long Inputs. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle Optimization -...

5.3CVSS6.7AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:57 a.m.10 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Apache Commons Compress

Summary Vulnerabilities have been identified in Apache Commons Compress, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...

8.1CVSS9.2AI score0.00898EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12186

Malware in sbrugna...

7.1CVSS7AI score0.01853EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12489

Malware in sbrugna...

5.4CVSS5.5AI score0.00987EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7410

Malware in sbrugna...

5.4CVSS5.6AI score0.00674EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7398

Malware in sbrugna...

5.4CVSS5.6AI score0.00644EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12508

Malware in sbrugna...

4.3CVSS4.8AI score0.0134EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12425

Malware in sbrugna...

7.1CVSS7AI score0.01853EPSS
Exploits0References3
Rows per page
Query Builder