
312 matches found

Positive Technologies
added 2025/06/18 12:0 a.m. · 6 views

PT-2025-26179 · Ibm · Webmethods Integration Server

Name of the Vulnerable Software and Affected Versions: IBM webMethods Integration Server versions 10.5, 10.7, 10.11, and 10.15. Description: The issue is related to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this to execute...

8.8 CVSS · 6.8 AI score · 0.00541 EPSS
Exploits: 0 · References: 8
Exploit DB
added 2025/04/16 12:0 a.m. · 216 views

WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page

Exploit Title: WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page Date: 25-01-2024 Exploit Author: Rasime Ekici Vendor Homepage: www.softwareag.com Version: 10.15.0000-0092 Tested on: 10.15.0000-0092 CVE : 2024-23733 Description: The /WmAdmin/,/invoke/vm.server/login...

7.4 AI score
Exploits: 0
Packet Storm
added 2025/04/16 12:0 a.m. · 119 views

WebMethods Integration Server 10.15.0.0000-0092 Access Bypass

WebMethods Integration Server version 10.15.0.0000-0092 has an issue where blank credentials can allow access to the administrative panel. Exploit Title: WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page Date: 25-01-2024 Exploit Author: Rasime Ekici Vendor Homepage:...

7.5 CVSS · 7 AI score · 0.02332 EPSS
Exploits: 1
RedHat Linux
added 2025/03/04 2:40 p.m. · 10 views

Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update

An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

8 CVSS · 6.6 AI score · 0.15413 EPSS
Exploits: 1 · References: 6
RedHat Linux
added 2025/03/04 2:38 p.m. · 15 views

Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 Openshift Jenkins security update

An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.17. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

8 CVSS · 6.7 AI score · 0.15413 EPSS
Exploits: 1 · References: 6
RedhatCVE
added 2025/02/05 10:57 p.m. · 12 views

CVE-2022-1069

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5 CVSS · 6.7 AI score · 0.01324 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 10:56 p.m. · 7 views

CVE-2022-1748

Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability...

7.5 CVSS · 6.7 AI score · 0.00852 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 10:52 p.m. · 12 views

CVE-2022-1373

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file...

7.2 CVSS · 6.9 AI score · 0.10229 EPSS
Exploits: 3 · References: 1
RedhatCVE
added 2025/02/05 9:30 p.m. · 8 views

CVE-2022-2335

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5 CVSS · 6.7 AI score · 0.01324 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 9:27 p.m. · 16 views

CVE-2022-2337

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5 CVSS · 6.7 AI score · 0.01297 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 9:19 p.m. · 14 views

CVE-2022-2334

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22...

7.2 CVSS · 7.5 AI score · 0.09501 EPSS
Exploits: 3 · References: 1
RedhatCVE
added 2025/02/05 9:15 p.m. · 8 views

CVE-2022-2336

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as admin and password as admin. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the...

9.8 CVSS · 6.9 AI score · 0.00851 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 9:15 p.m. · 9 views

CVE-2022-2547

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5 CVSS · 6.7 AI score · 0.01297 EPSS
Exploits: 0 · References: 1
CNNVD
added 2025/01/31 12:0 a.m. · 5 views

Bentley Systems ProjectWise Integration Server Security Vulnerability

Bentley Systems ProjectWise Integration Server is an application from Bentley Systems, USA. A security vulnerability exists in Bentley Systems ProjectWise Integration Server versions prior to 10.00.03.288. An attacker could exploit the vulnerability to execute unexpected SQL queries via API calls...

6.4 CVSS · 7.3 AI score · 0.00126 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2025/01/31 12:0 a.m. · 6 views

PT-2025-2950 · Bentley Systems · Projectwise Integration Server

Name of the Vulnerable Software and Affected Versions: Bentley Systems ProjectWise Integration Server versions prior to 10.00.03.288 Description: The issue allows unintended SQL query execution by an authenticated user via an API call. Recommendations: For versions prior to 10.00.03.288, update t...

6.4 CVSS · 7.8 AI score · 0.00126 EPSS
Exploits: 0 · References: 4
Cvelist
added 2025/01/31 12:0 a.m. · 15 views

CVE-2024-53007

Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call...

6.4 CVSS · 0.00126 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2025/01/31 12:0 a.m. · 10 views

CVE-2024-53007

Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call...

6.4 CVSS · 6.9 AI score · 0.00126 EPSS
Exploits: 0 · References: 1
CVE
added 2025/01/31 12:0 a.m. · 94 views

CVE-2024-53007

CVE-2024-53007 affects Bentley Systems ProjectWise Integration Server prior to 10.00.03.288. An authenticated user can cause unintended SQL query execution via an API call. The CVSS 3.1 base score is 6.4 (MEDIUM): attack vector LOCAL, privileges required LOW, user interaction NONE, with confident...

6.4 CVSS · 6.7 AI score · 0.00126 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2024/11/05 12:7 p.m. · 21 views

Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update

An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.8 CVSS · 6.6 AI score · 0.48081 EPSS
Exploits: 0 · References: 1
Packet Storm
added 2024/08/31 12:0 a.m. · 157 views

Microsoft Host Integration Server 2006 Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Host Integration Server 2006 Command Execution Vulnerability', 'Description' = %q This module exploits a command-injection vulnerabilit...

10 CVSS · 7 AI score · 0.77741 EPSS
Exploits: 9