Lucene search
K

222 matches found

NVD
NVD
added 2025/09/11 9:15 p.m.4 views

CVE-2025-36222

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

9.8CVSS0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/11 8:44 p.m.3 views

CVE-2025-36222 IBM Fusion insecure default configuration

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

8.7CVSS6.5AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2025/09/11 8:44 p.m.28 views

CVE-2025-36222

IBM Fusion and IBM Fusion HCI products are affected by CVE-2025-36222 due to insecure default configurations that could expose AMQStreams without client authentication, enabling unauthorized actions. Affected versions: IBM Fusion 2.2.0–2.10.1, IBM Fusion HCI 2.2.0–2.10.0, and IBM Fusion HCI for w...

9.8CVSS6.5AI score0.00351EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2025/09/11 8:44 p.m.8 views

CVE-2025-36222 IBM Fusion insecure default configuration

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

8.7CVSS0.00351EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 6:18 p.m.27 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion

Summary Multiple vulnerabilities affecting IBM Fusion and IBM Fusion HCI could have resulted in reduced security. These issues have since been resolved. CVE-2025-36222, CVE-2025-47273, CVE-2025-26791, CVE-2025-22870, CVE-2025-27817, CVE-2024-31141, CVE-2025-27818, CVE-2024-47081, CVE-2025-48379,...

9.8CVSS8.3AI score0.62368EPSS
Exploits12Affected Software3
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.6 views

PT-2025-37265

Name of the Vulnerable Software and Affected Versions: IBM Fusion versions 2.2.0 through 2.10.1 IBM Fusion HCI versions 2.2.0 through 2.10.0 IBM Fusion HCI for watsonx versions 2.8.2 through 2.10.0 Description: IBM Fusion, IBM Fusion HCI, and IBM Fusion HCI for watsonx utilize insecure default...

8.7CVSS6.3AI score0.00351EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.3 views

IBM多款产品 安全漏洞

IBM Fusion and others are a hybrid cloud application data platform from International Business Machines IBM. A security vulnerability exists in various IBM products that stems from the use of insecure default configurations that could lead to an attacker performing unauthorized operations. The...

9.8CVSS6.3AI score0.00351EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/09 8:59 p.m.4 views

Improper Check or Handling of Exceptional Conditions

Overview datahihi1/tiny-env is a simple environment variable loader for PHP applications Affected versions of this package are vulnerable to Improper Check or Handling of Exceptional Conditions due to the loading of environment variables without requiring the .env file to exist. An attacker can...

7.3CVSS6.6AI score0.00173EPSS
Exploits0References2
OSV
OSV
added 2025/09/09 8:59 p.m.4 views

GHSA-3J7M-5G4Q-GFPC TinyEnv: Missing .env file not required — may cause unexpected behavior

Impact TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently ignores missing configuration, potentially causing insecure defaults or deployment misconfigurations. Affected versions: - 1.0.1 → 1.0.2 ...

5.1CVSS6.7AI score0.00173EPSS
Exploits0References5
NVD
NVD
added 2025/09/09 8:15 p.m.10 views

CVE-2025-58758

TinyEnv is an environment variable loader for PHP applications. In versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10, TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently ignores missing configuration,...

7.3CVSS0.00173EPSS
Exploits0References2
CVE
CVE
added 2025/09/09 7:50 p.m.16 views

CVE-2025-58758

CVE-2025-58758 affects TinyEnv, a PHP environment-variable loader. Versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10 do not require the .env file to exist when loading variables, enabling the application to run with missing or insecure defaults. The issue has been fixed in version 1.0.11. Mitigation provi...

7.3CVSS6.3AI score0.00173EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.9 views

PT-2025-36952

Name of the Vulnerable Software and Affected Versions: TinyEnv versions 1.0.1 through 1.0.2 TinyEnv versions 1.0.9 through 1.0.10 Description: TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently...

5.1CVSS6.3AI score0.00173EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/08 12:0 a.m.2 views

Bender多款产品 安全漏洞

Bender CC612 and others are products of Bender, Germany.Bender CC612 is a charge controller.Bender CC613 is a charge controller.Bender ICC15xx is an insulation monitoring device. A security vulnerability exists in several Bender products, which stems from an insecure default configuration that...

7.4CVSS6.4AI score0.00212EPSS
Exploits0References2
Intel
Intel
added 2025/08/12 12:0 a.m.8 views

Intel® Distribution for Python Software Installer Advisory

Summary: A potential security vulnerability for some Intel® Distribution for Python software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-26470 Description: Incorrect default...

6.7CVSS7.4AI score0.00105EPSS
Exploits0
OSV
OSV
added 2025/07/08 7:15 a.m.3 views

CVE-2025-25271

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...

8.8CVSS5.8AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2025/07/08 7:1 a.m.23 views

CVE-2025-25271

CVE-2025-25271 describes an authentication-related misconfiguration in Phoenix Contact CHARX SEC OCPP implementations where an unauthenticated, network-adjacent attacker can configure a new OCPP backend due to insecure default settings in the configuration interface. Multiple sources (including N...

8.8CVSS6.6AI score0.00288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/08 7:1 a.m.7 views

CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...

8.8CVSS0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/08 7:1 a.m.2 views

CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...

8.8CVSS7.2AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.2 views

PT-2025-28348 · Phoenix Contact · Charx Sec-3000 +7

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated adjacent attacker can configure a new OCPP backend due to insecure defaults for the configuration interface. Recommendations: At the moment, there is no information about ...

8.8CVSS6.1AI score0.00288EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 3:53 a.m.10 views

CVE-2023-33806

Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commands...

7.8CVSS7.6AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder