Lucene search
K

15 matches found

CNNVD
CNNVD
added 2025/06/21 12:0 a.m.3 views

IBM Process Mining 输入验证错误漏洞

IBM Process Mining is a process mining solution from International Business Machines IBM. An input validation error vulnerability exists in IBM Process Mining versions 2.0.1 IF001 and 2.0.1, which stems from an open redirect and could lead to a phishing attack...

8.2CVSS6.3AI score0.00205EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/06 7:21 a.m.7 views

Security Bulletin: IBM Operations Analytics - Log Analysis is vulnerable to an XML External Entity Injection (XXE) vulnerability

Summary There is a potential XML External Entity Injection XXE vulnerability with reload4j library that is used in IBM Operations Analytics - Log Analysis. This has been addressed. Vulnerability Details IBM X-Force ID: 294027 DESCRIPTION: QOS.CH reload4j allow a remote attacker to obtain sensitiv...

6.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 9:7 a.m.71 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001 Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to strip the Proxy-Authorization...

8.8CVSS9AI score0.04602EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/14 8:42 p.m.42 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.14.4 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.14.4 IF001 Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in...

9.8CVSS9.5AI score0.23072EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/29 10:41 a.m.27 views

Security Bulletin: Vulnerability in openjdk affects IBM Process Mining CVE-2023-21930

Summary There is a vulnerability in openjdk that could allow an authenticated attacker with network access via TLS to compromise Java on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

7.4CVSS7.7AI score0.01295EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/07 5:25 p.m.35 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.14.3 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.14.3 IF001 Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted...

7.5CVSS8.2AI score0.02651EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/29 1:3 p.m.31 views

Security Bulletin: CVE-2021-35561 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary CVE-2021-35561 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service...

5.3CVSS5.6AI score0.06468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/15 11:12 a.m.34 views

Security Bulletin: Apache Log4j vulnerability affects IBM Cloud Pak for Automation (CVE-2021-44228)

Summary A remote code execution vulnerability has been reported for log4j-core-2.x libraries, which are used in various components of IBM Cloud Pak for Business Automation. Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.99999EPSS
Exploits347Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 1:12 p.m.21 views

Security Bulletin: Vulnerabilities in Oracle Outside In Technology component affect Content Collector for Email (CVE-2021-35572)

Summary There are vulnerabilities in in Oracle Outside In Technology related to Outside In Filters used by Content Collector for Email. Vulnerability Details CVEID: CVE-2021-35572 DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outisde in Filters component...

7.5CVSS7.2AI score0.01456EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 1:11 p.m.26 views

Security Bulletin: Vulnerabilities in Oracle Outside In Technology component affect Content Collector for Email (CVE-2021-35657)

Summary There are vulnerabilities in in Oracle Outside In Technology related to Outside In Filters used by Content Collector for Email. Vulnerability Details CVEID:CVE-2021-35657 DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component...

7.5CVSS7.1AI score0.01418EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 1:8 p.m.25 views

Security Bulletin: Vulnerabilities in Oracle Outside In Technology component affect Content Collector for Email (CVE-2021-35573)

Summary There are vulnerabilities in in Oracle Outside In Technology related to Outside In Filters used by Content Collector for Email. Vulnerability Details CVEID: CVE-2021-35573 DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component...

7.5CVSS7.2AI score0.01435EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 1:6 p.m.19 views

Security Bulletin: Vulnerabilities in Oracle Outside In Technology component affect Content Collector for Email (CVE-2021-35574)

Summary There are vulnerabilities in in Oracle Outside In Technology related to Outside In Filters used by Content Collector for Email. Vulnerability Details CVEID: CVE-2021-35574 DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component...

7.5CVSS7.6AI score0.0198EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/01 4:14 p.m.21 views

Security Bulletin: Embedded WebSphere Application Server is vulnerable to Apache MyFaces, which affects Content Collector for Email

Summary Vulnerability in Apache MyFaces affects embedded WebSphere Application Server which affects Content Collector for Email. Vulnerability Details CVEID: CVE-2021-26296 DESCRIPTION: Apache MyFaces is vulnerable to cross-site request forgery, caused by improper validation of user-supplied inpu...

7.5CVSS1.1AI score0.03026EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/12 8:25 p.m.43 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2019-11745)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns Network Security Services Softoken Cryptographic Module that could allow an attacker to execute arbitrary code on the system or cause a...

8.8CVSS2.4AI score0.02994EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:16 p.m.38 views

Security Bulletin: Vulnerability in Apache Struts affects FileNet Content Manager and IBM Content Foundation (CVE-2016-1181, CVE-2016-1182)

Summary Security vulnerabilitiy exists in IBM FileNet Content Manager and IBM Content Foundation in Apache Struts. Vulnerability Details CVEID: CVE-2016-1181 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against...

8.2CVSS1.3AI score0.2593EPSS
Exploits0Affected Software1
Rows per page
Query Builder