CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Security Bulletin: Due to use of Apache Log4j, IBM StoredIQ for Legal is vulnerable to arbitrary code execution (CVE-2021-44228, CVE-2021-45046) and denial of service (CVE-2021-45105)

Summary Apache Log4j is included in WebSphere Application Server WAS, which is distributed with IBM Stored IQ for Legal. There are multiple Apache Log4j vulnerabilities CVE-2021-44228, CVE-2021-45105, CVE-2021-45046 impacting IBM StoredIQ for Legal application. IBM StoredIQ for Legal uses Apache...

10CVSS1AI score0.99999EPSS

Exploits349Affected Software1

IBM Security Bulletins•added 2021/03/04 9:24 a.m.•30 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM StoredIQ for Legal

Summary There are multiple vulnerabilities that affect IBM WebSphere Application Server shipped with IBM StoredIQ for Legal. These have been addressed in Fix Pack 2.0.3.13 of StoredIQ for Legal. Vulnerability Details CVEID: CVE-2020-4163 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5...

10CVSS1AI score0.33937EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2020/07/10 2:39 p.m.•38 views

Security Bulletin: IBM StoredIQ is affected by a vulnerability in NGINX (CVE-2019-20372)

Summary IBM StoredIQ has addressed NGINX vulnerability CVE-2019-20372. Vulnerability Details CVEID: CVE-2019-20372 DESCRIPTION: NGINX could allow a remote attacker to obtain sensitive information, caused by a flaw in certain errorpage configurations. By sending a specially crafted request, a remo...

5.3CVSS1.5AI score0.14961EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2020/07/10 2:32 p.m.•30 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM StoredIQ

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM StoredIQ. IBM StoredIQ has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take...

9.1CVSS1.2AI score0.04903EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2020/07/10 2:26 p.m.•36 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM StoredIQ InstaScan

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM StoredIQ InstaScan. IBM StoredIQ InstaScan has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated...

9.1CVSS1.4AI score0.03749EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2020/07/10 12:25 p.m.•30 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM StoredIQ InstaScan

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM StoredIQ InstaScan. IBM StoredIQ InstaScan has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Librarie...

8.3CVSS1.2AI score0.0623EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2020/02/20 12:42 p.m.•94 views

Security Bulletin: Multiple Vulnerabilities identified in IBM StoredIQ

Summary Multiple vulnerabilities in bundled software packages affect IBM StoredIQ. IBM StoredIQ has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2009-0217 DESCRIPTION: The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products...

9.8CVSS2.4AI score0.95821EPSS

Exploits35Affected Software1

OSV•added 2020/02/03 5:15 p.m.•1 views

CVE-2020-4224

IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133...

5.5CVSS5.7AI score0.00194EPSS

Exploits0References2

Prion•added 2020/02/03 5:15 p.m.•14 views

Information disclosure

2.1CVSS4.9AI score0.00194EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/02/03 4:45 p.m.•13 views

CVE-2020-4224

2.9CVSS5AI score0.00194EPSS

Exploits0References2

IBM Security Bulletins•added 2020/01/31 4:44 p.m.•18 views

Security Bulletin: Information Disclosure in IBM StoredIQ (CVE-2020-4224)

Summary IBM StoredIQ has addressed the following information disclosure vulnerability. Vulnerability Details CVEID: CVE-2020-4224 DESCRIPTION: IBM StoredIQ could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links...

5.5CVSS0.4AI score0.00194EPSS

Exploits0Affected Software1

OSV•added 2019/08/20 8:15 p.m.•3 views

CVE-2019-4167

IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700...

6.5CVSS5.9AI score0.00494EPSS

Exploits0References2

Prion•added 2019/08/20 8:15 p.m.•14 views

Cross site request forgery (csrf)

4.3CVSS6.4AI score0.00494EPSS

Exploits0References2Affected Software1

IBM Security Bulletins•added 2019/08/14 5:46 p.m.•22 views

Security Bulletin: IBM StoredIQ is affected by a cross-site request forgery (CVE-2019-4167)

Summary IBM StoredIQ has addressed the following vulnerability: Cross-site request forgery. Vulnerability Details CVEID: CVE-2019-4167 DESCRIPTION: IBM StoredIQ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from...

6.5CVSS1AI score0.00494EPSS

Exploits0Affected Software1

CNVD•added 2019/07/31 12:0 a.m.•1 views

IBM StoredIQ Input Validation Error Vulnerability

IBM StoredIQ is a suite of data visualization and processing platforms from IBM, USA. The platform provides scalable analytics and governance of unstructured data, as well as records management, storage optimization and migration of data. An input validation error vulnerability exists in IBM...

7.5CVSS6.7AI score0.02165EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by