Lucene search
K

366 matches found

CNNVD
CNNVD
added 2026/03/20 12:0 a.m.12 views

AWStats 安全漏洞

AWStats is a log analysis tool developed by eldy, a personal developer. This software supports the analysis of web site logs on all operating systems such as IIS 5.0 and Apache. It can analyze logs from web, WAP, proxy, streaming servers, FTP, and mail servers. AWStats 8.0 has a security...

7.8CVSS5.7AI score0.01046EPSS
Exploits1References3
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.9 views

Before You Hand over the Wheel: Evaluating LLMs for Security Incident Analysis

Security incident analysis SIA poses a major challenge for security operations centers, which must manage overwhelming alert volumes, large and diverse data sources, complex toolchains, and limited analyst expertise. These difficulties intensify because incidents evolve dynamically and require...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/03 10:9 a.m.8 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service and a possible information leak due to LZ4 compression

Summary LZ4 compression for Java in Logstash is used by IBM Operations Analytics - Log Analysis as part of the fast, lightweight compression to reduce storage size. CVE-2025-12183, CVE-2025-66566. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in...

8.8CVSS6.1AI score0.00647EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.5 views

CVE-2024-40685

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/05 12:31 a.m.4 views

EUVD-2024-55398

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References2
NVD
NVD
added 2026/02/04 10:15 p.m.5 views

CVE-2024-40685

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 9:12 p.m.25 views

CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS0.00128EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/04 9:12 p.m.4 views

CVE-2024-40685

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/04 9:12 p.m.4 views

CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 9:12 p.m.10 views

CVE-2024-40685

CVE-2024-40685 affects IBM Operations Analytics – Log Analysis and IBM SmartCloud Analytics – Log Analysis. Connected sources confirm a CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions. Affected versions include IBM Operations Analytics ...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

IBM Operations Analytics - Log Analysis 跨站请求伪造漏洞

IBM Operations Analytics – Log Analysis is a log analysis software developed by IBM. Versions 1.3.5.0 to 1.3.8.3 of IBM Operations Analytics – Log Analysis contain a cross-site request forgeing vulnerability. This vulnerability is due to a susceptibility to cross-site request forgery attacks, whi...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.5 views

PT-2026-5866

Name of the Vulnerable Software and Affected Versions IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 IBM SmartCloud Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 Description The software is susceptible to a cross-site request forgery CSRF condition. Successfu...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.10 views

Semantic-Aware Advanced Persistent Threat Detection Using Autoencoders on LLM-Encoded System Logs

Advanced Persistent Threats APTs are among the most challenging cyberattacks to detect. They are carried out by highly skilled attackers who carefully study their targets and operate in a stealthy, long-term manner. Because APTs exhibit "low-and-slow" behavior, traditional statistical methods and...

5.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 9:35 a.m.8 views

Security Bulletin: Due to use of Apache Commons Text, IBM Operations Analytics - Log Analysis is affected by Remote Code Execution Attacks

Summary Apache Commons Text in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the string manipulation and interpolation. CVE-2025-46295. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included interpolation features...

9.8CVSS7.9AI score0.00919EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/09 3:40 p.m.10 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Denial-of-Service (DoS) due to use of jose4j library

Summary jose.4.j library in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the secure token-based authentication and encryption mechanisms. CVE-2024-29371. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.5, an attacker can cause a...

7.5CVSS6.8AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/09 3:21 p.m.12 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an improper input validation due to Apache Commons HttpClient

Summary Apache Commons HttpClient is used by IBM Operations Analytics - Log Analysis as part of the standards-based Java library for executing HTTP requests. CVE-2012-6153, CVE-2012-5783. Vulnerability Details CVEID:CVE-2012-6153 DESCRIPTION: http/conn/ssl/AbstractVerifier.java in Apache Commons...

5.8CVSS6.6AI score0.09254EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/07 9:0 a.m.5 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack

Summary IBM Operations Analytics – Log Analysis uses CSRF tokens to prevent unauthorised actions from being performed by an attacker on behalf of an authenticated user. CVE-2024-40685. Vulnerability Details CVEID:CVE-2024-40685 DESCRIPTION: IBM SmartCloud Analytics - Log Analysis is vulnerable to...

4.3CVSS6.6AI score0.00128EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 4:45 p.m.5 views

Security Bulletin: Due to use of servlet feature in IBM WebSphere Application Server Liberty, IBM Operations Analytics - Log Analysis is affected by a security bypass vulnerability

Summary servlet feature in IBM WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of HTTP Servlets support. CVE-2024-56339. Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server...

7.5CVSS6.7AI score0.004EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 4:23 p.m.6 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect validation of integrity check due to OpenSSH

Summary OpenSSH is used by IBM Operations Analytics - Log Analysis as part of implementations of SSH servers and clients. CVE-2023-48795. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

5.9CVSS7.7AI score0.93305EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 4:1 p.m.6 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by SMTP injection due to Jakarta Mail in IBM WebSphere Application Server Liberty

Summary Jakarta Mail in IBM WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of sending and receiving emails. CVE-2025-7962. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by...

7.5CVSS7.2AI score0.00756EPSS
Exploits0Affected Software1
Rows per page
Query Builder