Lucene search
K

1827 matches found

ibm
ibm
added 2026/05/01 11:45 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty is affected by a denial of service due to jose4j which is vulnerable to CVE-2024-29371.

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty is affected by a denial of service due to jose4j which is vulnerable to CVE-2024-29371. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2024-29371...

7.5CVSS7.2AI score0.00244EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/28 7:11 a.m.5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747

Summary IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx110arm64.whl which is vulnerable to CVE-2026-24747, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24747 DESCRIPTION:...

8.8CVSS5.8AI score0.00695EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/16 1:8 p.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727.

Summary IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-27727 DESCRIPTION:...

9.8CVSS6.1AI score0.00812EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/06 10:57 a.m.11 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses python_multipart-0.0.21-py3-none-any.whl which is vulnerable to CVE-2026-24486

Summary IBM Maximo Application Suite - Visual Inspection component uses pythonmultipart-0.0.21-py3-none-any.whl which is vulnerable to CVE-2026-24486 This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24486 DESCRIPTION:...

8.6CVSS6AI score0.02228EPSS
Exploits5Affected Software1
ibm
ibm
added 2026/04/06 10:16 a.m.6 views

Security Bulletin: There is a vulnerability in werkzeug-3.1.5-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-27199)

Summary There is a vulnerability in werkzeug-3.1.5-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-27199 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin...

6.3CVSS5.8AI score0.00556EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/06 10:16 a.m.11 views

Security Bulletin: There is a vulnerability in pyasn1-0.6.2-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-30922)

Summary There is a vulnerability in pyasn1-0.6.2-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Deni...

7.5CVSS5.9AI score0.0058EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/06 10:16 a.m.4 views

Security Bulletin: There is a vulnerability in log4j-core-2.17.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-68161)

Summary There is a vulnerability in log4j-core-2.17.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...

6.3CVSS5.9AI score0.00743EPSS
Exploits1Affected Software1
cve
cve
added 2026/04/01 8:54 p.m.16 views

CVE-2026-4820

CVE-2026-4820 affects IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10, where authorization tokens or session cookies are not marked with the Secure attribute. This can allow an unauthenticated attacker to steal cookie values by directing users to an http link and monitoring traffic, enablin...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References1Affected Software1
ibm
ibm
added 2026/04/01 7:22 a.m.10 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - IoT Component uses assertj-core-3.27.6.jar, minimatch-3.1.2.tgz, flask-3.1.2-py3-none-any.whl and werkzeug-3.1.5-py3-none-any.whl third party dependencies which is vulnerable to CVE-2026-24400, CVE-2026-26996, CVE-2026-27205 and CVE-2026-27199. This bulletin...

9.1CVSS5.8AI score0.00556EPSS
Exploits2Affected Software1
ibm
ibm
added 2026/03/30 3:17 p.m.8 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873

Summary IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873 Vulnerability Details CVEID:CVE-2025-69873 DESCRIPTION: ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS...

7.5CVSS6.1AI score0.00492EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/03/30 1:2 p.m.6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses npm-11.7.0.tgz which is vulnerable to CVE-2026-0775.

Summary IBM Maximo Application Suite - Visual Inspection component uses npm-11.7.0.tgz which is vulnerable to CVE-2026-0775, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-0775 DESCRIPTION: npm cli Incorrect Permission...

7CVSS6.2AI score0.00286EPSS
Exploits0Affected Software1
nvd
nvd
added 2026/03/25 10:16 p.m.6 views

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS0.00135EPSS
Exploits0References1
cve
cve
added 2026/03/25 9:22 p.m.9 views

CVE-2025-14684

CVE-2025-14684 affects IBM Maximo Application Suite - Monitor Component. Root cause: improper neutralization of special elements when written to log files, enabling log forgery. Affected versions: Monitor Component 8.10, 8.11, 9.0, 9.1. Remediation/fixes: update to Monitor Component versions 8.10...

4CVSS5.8AI score0.00135EPSS
Exploits0References1Affected Software1
ibm
ibm
added 2026/03/24 7:29 a.m.11 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181

Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-47914 DESCRIPTION: SSH Agent...

5.3CVSS6.7AI score0.00533EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/03/24 7:5 a.m.6 views

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.1 which is vulnerable to CVE-2026-23490

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.1-py3-none-any.whl which is vulnerable to CVE-2026-23490. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic...

7.5CVSS6.7AI score0.00679EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/03/18 2:3 p.m.6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses vertx-core-5.0.4.jar which is vulnerable to CVE-2026-1002.

Summary IBM Maximo Application Suite - Monitor Component uses vertx-core-5.0.4.jar which is vulnerable to CVE-2026-1002. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-1002 DESCRIPTION: The Vert.x Web static handler component cache can be...

6.9CVSS5.8AI score0.00343EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/03/13 9:35 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses CodeMirror dependency which is vulnerable to CVE-2025-6493.

Summary IBM Maximo Application Suite - Visual Inspection Component uses CodeMirror dependency which is vulnerable to CVE-2025-6493. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-6493 DESCRIPTION: A weakness has been...

6.9CVSS5.5AI score0.00451EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/03/10 8:18 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses os/exec 1.24.3; 1.24.4, ansible-9.4.0, github.com/eclipse/paho.mqtt.golang v1.3.5 and archive/tar 1.24.2; 1.24.4 which is vulnerable to CVE-2025-47906,CVE-2025-14010,CVE-2025-10543 and CVE-2025-58183

Summary IBM Maximo Application Suite uses os/exec 1.24.3; 1.24.4, ansible-9.4.0, github.com/eclipse/paho.mqtt.golang v1.3.5 and archive/tar 1.24.2; 1.24.4 which is vulnerable to CVE-2025-47906,CVE-2025-14010,CVE-2025-10543 and CVE-2025-58183. This bulletin contains information regarding the...

6.5CVSS5.8AI score0.00489EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/03/06 5:27 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses eslint-9.17.0 in map-application which is vulnerable to CVE-2025-50537

Summary IBM Maximo Application Suite - Manage Component uses eslint-9.17.0 in map-application which is vulnerable to CVE-2025-50537. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-50537 DESCRIPTION: Stack overflow vulnerability...

5.5CVSS5.9AI score0.00163EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/03/03 4:33 p.m.6 views

Security Bulletin: IBM Maximo Application suite Visual Inspection Component uses werkzeug-3.1.4-py3-none-any.whl which is vulnerable to CVE-2026-21860.

Summary IBM Maximo Application suite Visual Inspection Component uses werkzeug-3.1.4-py3-none-any.whl which is vulnerable to CVE-2026-21860. This Bulletine contains information about vulnerability and it's remediation. Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a...

6.3CVSS5.9AI score0.00424EPSS
Exploits0Affected Software1
Rows per page
Query Builder