Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:22 a.m.49 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities with updates. Vulnerability Details CVEID:CVE-2020-19909 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by an integer overflow in...

9.8CVSS9.6AI score0.78483EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/14 2:21 p.m.19 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities Vulnerability Details CVEID:CVE-2024-8096 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when using...

7.5CVSS6.8AI score0.0197EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/11 8:43 a.m.57 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-6874 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a...

9.1CVSS7.5AI score0.66594EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/09 5:3 p.m.67 views

Security Bulletin: IBM QRadar Wincollect is using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities with updates. Vulnerability Details CVEID:CVE-2024-4067 DESCRIPTION: Node.js micromatch module is vulnerable to a denial of service, caused by a regular...

8.6CVSS8.8AI score0.54026EPSS
Exploits6Affected Software1
CNVD
CNVD
added 2024/03/05 12:0 a.m.21 views

IBM QRadar WinCollect Agent Resource Management Error Vulnerability

IBM QRadar WinCollect Agent is an agent program from International Business Machines IBM for collecting and sending Windows event logs. A resource management error vulnerability exists in IBM QRadar WinCollect Agent that stems from vulnerability to server-side request forgery attacks. No detailed...

4.4CVSS4.6AI score0.00169EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.4 views

The vulnerability of the IBM QRadar WinCollect Agent’s event forwarding mechanism, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to insufficient protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

3.3CVSS5.6AI score0.00595EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.5 views

PT-2023-7274 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.7 Description: The issue is related to a lack of proper output encoding or escaping in the IBM QRadar WinCollect Agent, which could allow an attacker to gain unauthorized access to...

7.8CVSS7.3AI score0.00217EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/22 3:32 p.m.51 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of...

7.8CVSS7.5AI score0.62246EPSS
Exploits2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/12 12:0 a.m.5 views

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to deficiencies in access control. Exploiting this vulnerability can allow attackers operating remotely to enhance their privileges...

7.6CVSS7.2AI score0.00391EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:54 p.m.89 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities Vulnerability Details CVEID:CVE-2023-28319 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a use-after-free...

7.5CVSS7.4AI score0.03658EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 9:14 p.m.70 views

Security Bulletin: cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities

Summary cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities. IBM has addressed the relevant vulnerabilities. Vulnerability Details CVEID:CVE-2023-27533 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a TELNET option IAC...

8.8CVSS8.2AI score0.02195EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 2:27 p.m.194 views

Security Bulletin: IBM QRadar WinCollect agent has multiple vulnerabilities

Summary The product includes vulnerable components e.g., third party libraries that may be identified and exploited with automated tools. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semanti...

9.1CVSS7.8AI score0.59501EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:19 p.m.56 views

Security Bulletin: IBM QRadar Wincollect agent is vulnerable to using components with know vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the relevant vulnerabilities. Vulnerability Details CVEID:CVE-2022-42916 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain...

9.8CVSS9.9AI score0.51733EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/17 6:45 p.m.107 views

Security Bulletin: IBM QRadar WinCollect is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., third party libraries that may be identified and exploited with automated tools. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-1434 DESCRIPTION: OpenSSL is vulnerable to a...

10CVSS8.8AI score0.83223EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/18 9:6 p.m.61 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to improper access control (CVE-2020-4485, CVE-2020-4486)

Summary IBM QRadar Wincollect agents could allow authenticated users to bypass restrictions to delete arbitrary files or disable the Wincollect service. Vulnerability Details CVEID: CVE-2020-4485 DESCRIPTION: IBM QRadar could allow an authenticated user to disable the Wincollect service which cou...

8.1CVSS1.2AI score0.01506EPSS
Exploits0Affected Software1
Rows per page
Query Builder