Lucene search
K

674 matches found

CNVD
CNVD
added 2024/03/06 12:0 a.m.29 views

IBM Security Guardium XML External Entity Injection Vulnerability (CNVD-2024-12704)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...

8.2CVSS7AI score0.01379EPSS
Exploits0References1
CNVD
CNVD
added 2024/03/01 12:0 a.m.28 views

IBM Security Guardium OS Command Injection Vulnerability (CNVD-2024-11735)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An operating system command injection vulnerability exists ...

8.8CVSS8.2AI score0.01351EPSS
Exploits0References1
NVD
NVD
added 2024/02/29 1:38 a.m.24 views

CVE-2023-25921

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...

8.8CVSS8.2AI score0.01103EPSS
Exploits0References2
OSV
OSV
added 2024/02/29 1:38 a.m.4 views

CVE-2023-25921

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...

8.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2024/02/29 1:38 a.m.20 views

CVE-2023-25926

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...

8.2CVSS6AI score0.01379EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:38 a.m.15 views

Xxe

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...

4.7CVSS6.7AI score0.01379EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:38 a.m.23 views

Design/Logic Flaw

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...

4.6CVSS6.5AI score0.01103EPSS
Exploits0References2
CVE
CVE
added 2024/02/29 12:36 a.m.108 views

CVE-2023-25921

CVE-2023-25921 affects IBM Security Guardium Key Lifecycle Manager versions 3.0, 3.0.1, 4.0, 4.1, and 4.1.1, allowing an attacker to upload or transfer dangerous-file types that can be automatically processed within the product environment. The Red Hat / IBM bulletin confirms remediation in GKLM ...

8.8CVSS7.9AI score0.01103EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/29 12:36 a.m.12 views

CVE-2023-25921 IBM Security Guardium Key Lifecycle Manager file upload

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...

8.5CVSS6.5AI score0.01103EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/29 12:36 a.m.18 views

CVE-2023-25921 IBM Security Guardium Key Lifecycle Manager file upload

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...

8.5CVSS8.1AI score0.01103EPSS
Exploits0References2
CVE
CVE
added 2024/02/29 12:27 a.m.107 views

CVE-2023-25926

CVE-2023-25926 affects IBM Security Guardium Key Lifecycle Manager (GKLM) 3.0, 3.0.1, 4.0, 4.1, and 4.1.1, with an XML External Entity Injection (XXE) vulnerability when processing XML data. The root cause is XXE in the XML processing path, enabling a remote attacker to potentially expose sensiti...

8.2CVSS5.5AI score0.01379EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/29 12:27 a.m.13 views

CVE-2023-25926 IBM Security Guardium Key Lifecycle Manager XML external entity injection

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...

5.5CVSS6.5AI score0.01379EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/29 12:27 a.m.24 views

CVE-2023-25926 IBM Security Guardium Key Lifecycle Manager XML external entity injection

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...

5.5CVSS5.7AI score0.01379EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.6 views

IBM Security Guardium 代码问题漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...

8.2CVSS5.6AI score0.01379EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

IBM Security Guardium Security Vulnerabilities

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium Ke...

8.8CVSS8.3AI score0.01103EPSS
Exploits0References3
NVD
NVD
added 2024/02/28 10:15 p.m.21 views

CVE-2023-25925

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...

8.8CVSS8.4AI score0.01351EPSS
Exploits0References2
Prion
Prion
added 2024/02/28 10:15 p.m.16 views

Design/Logic Flaw

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...

4.6CVSS7.4AI score0.01351EPSS
Exploits0References2
Prion
Prion
added 2024/02/28 10:15 p.m.22 views

Design/Logic Flaw

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621...

4CVSS6.5AI score0.00556EPSS
Exploits0References2
CVE
CVE
added 2024/02/28 9:53 p.m.135 views

CVE-2023-25925

CVE-2023-25925 affects IBM Security Guardium Key Lifecycle Manager (GKLM) across multiple releases (3.0, 3.0.1, 4.0, 4.1, 4.1.1). A remote authenticated attacker can execute arbitrary commands on the system by sending a specially crafted request, as documented by IBM and Red Hat in their vendor a...

8.8CVSS8.3AI score0.01351EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/28 9:53 p.m.21 views

CVE-2023-25925 IBM Security Guardium Key Lifecycle Manager command injection

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...

8.5CVSS8.3AI score0.01351EPSS
Exploits0References2
Rows per page
Query Builder