Lucene search
+L

104 matches found

ibm
ibm
added 2026/05/04 4:7 p.m.12 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2026-2332)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-2332 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "fun...

9.1CVSS5.8AI score0.01127EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/04/28 2:14 p.m.5 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2025-11143)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-11143 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differentia...

6.5CVSS7.7AI score0.00159EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/01/09 9:30 a.m.30 views

CVE-2023-43035

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system...

4CVSS6.3AI score0.00149EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0955

Malware in sbrugna...

3.5CVSS6.4AI score0.01085EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-2908

Malware in sbrugna...

3.5CVSS6.4AI score0.00759EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-2907

Malware in sbrugna...

6.3CVSS6.4AI score0.00937EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-39057

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00537EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-47456

Malicious code in bioql PyPI...

4CVSS6.5AI score0.00149EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-46466

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00217EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 4:37 a.m.10 views

CVE-2023-35020

IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 257874...

5.4CVSS6.5AI score0.00537EPSS
Exploits0References1
cnvd
cnvd
added 2025/04/25 12:0 a.m.8 views

IBM Sterling Control Center Cross-Site Scripting Vulnerability (CNVD-2025-09285)

IBM Sterling Control Center is an application system from International Business Machines IBM. A centralized monitoring and management system. IBM Sterling Control Center suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping o...

5.4CVSS6.1AI score0.00217EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/04/12 2:3 p.m.29 views

CVE-2023-42007

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS6.3AI score0.00217EPSS
Exploits0References3
ibm
ibm
added 2025/04/10 2:32 p.m.14 views

Security Bulletin: IBM Sterling Control Center is affected by sensitive information within URLs may be logged (CVE-2023-43035)

Summary Sensitive information may be logged Session token is passing in the URL within URLs is affecting IBM Sterling Control Center v6.2.1.0, v6.3.1.0 and v6.4.0.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2023-43035 DESCRIPTION:...

4CVSS4AI score0.00149EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/04/10 2:25 p.m.11 views

Security Bulletin: IBM Sterling Control Center is affected by improper input validation (CVE-2023-42007)

Summary Improper input validation is impacting IBM Sterling Control Center v6.4.0.0, v6.3.1.0 and v6.2.1.0. User supplied input is getting reflected as it is in the response without being validated at sever end. Customers must upgrade to latest patch below to address this vulnerability...

5.4CVSS5.4AI score0.00217EPSS
Exploits0Affected Software1
nvd
nvd
added 2025/04/10 2:15 p.m.13 views

CVE-2023-43035

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system...

4CVSS0.00149EPSS
Exploits0References1
nvd
nvd
added 2025/04/10 2:15 p.m.15 views

CVE-2023-42007

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00217EPSS
Exploits0References1
ibm
ibm
added 2025/04/10 2:14 p.m.23 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities reported in Jetty server (CVE-2024-8184, CVE-2024-6763)

Summary Multiple vulnerabilities over Eclipse Jetty is affecting IBM Sterling Control Center v6.3.1.0 and v6.4.0.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service...

6.5CVSS5.8AI score0.01037EPSS
Exploits1Affected Software1
cvelist
cvelist
added 2025/04/10 1:26 p.m.17 views

CVE-2023-43035 IBM Sterling Control Center information disclosure

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system...

4CVSS0.00149EPSS
Exploits0References1
cve
cve
added 2025/04/10 1:26 p.m.52 views

CVE-2023-43035

CVE-2023-43035 affects IBM Sterling Control Center 6.2.1.0, 6.3.1.0, and 6.4.0.0. The issue allows web pages to be stored locally and read by another user on the same system (information disclosure; CWE-525). IBM’s bulletin lists the vulnerable versions and fixes: upgrade to 6.2.1.0 iFix15, 6.3.1...

4CVSS4AI score0.00149EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2025/04/10 1:26 p.m.12 views

CVE-2023-43035 IBM Sterling Control Center information disclosure

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system...

4CVSS6.3AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder