CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2897 matches found

Cvelist•added 2024/10/24 5:23 p.m.•15 views

CVE-2024-38314 IBM Maximo Application Suite - Monitor Component information disclosure

IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment...

5.9CVSS0.00306EPSS

Exploits0References1

CVE•added 2024/10/24 5:23 p.m.•45 views

CVE-2024-38314

CVE-2024-38314 affects IBM Maximo Application Suite - Monitor Component (versions 8.10, 8.11, 9.0). The root cause is a hard-coded cryptographic key that could disclose secret information to an attacker in a compromised environment, leading to information disclosure. IBM’s advisory lists remediat...

5.9CVSS5.5AI score0.00306EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/10/24 5:23 p.m.•11 views

CVE-2024-38314 IBM Maximo Application Suite - Monitor Component information disclosure

IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment...

5.9CVSS6.4AI score0.00306EPSS

Exploits0References1

CNNVD•added 2024/10/24 12:0 a.m.•2 views

IBM Maximo Application Suite 安全漏洞

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite-Monitor Component, which stems from the...

5.9CVSS6.2AI score0.00306EPSS

Exploits0References1

Positive Technologies•added 2024/10/24 12:0 a.m.•2 views

PT-2024-27939 · Ibm · Ibm Maximo Application Suite - Monitor

Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite - Monitor Component versions 8.10 through 9.0 Description: The issue could disclose information in the form of a hard-coded cryptographic key to an attacker that has compromised the environment. Recommendations: F...

5.9CVSS5.5AI score0.00306EPSS

Exploits0References4

IBM Security Bulletins•added 2024/10/11 4:18 p.m.•21 views

Security Bulletin: IBM Maximo Application Suite - Maximo Visual Inspection Component uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to this CVE-2023-29483

Summary Security Bulletin: IBM Maximo Application Suite - Maximo Visual Inspection Component uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to this CVE-2023-29483 Vulnerability Details CVEID:CVE-2023-29483 DESCRIPTION: Dnspython is vulnerable to a denial of service, caused by a flaw in...

7CVSS6.5AI score0.01258EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/10/08 8:35 a.m.•30 views

Security Bulletin: IBM Maximo Application Suite uses multiple packages which are vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses golang.org/x/net/http2 - v0.19.0 , v0.20.0, github.com/lestrrat-go/jwx/v2 - v2.0.11, setuptools - 50.3.2, tar - 6.2.0, github.com/docker/docker - v24.0.7, follow-redirects - 1.15.4, express - 4.18.2 , idna - 3.6 ,org.apache.cxfcxf-core - 3.5.5,...

9.3CVSS8.4AI score0.05849EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2024/09/30 5:2 p.m.•29 views

Security Bulletin: IBM Maximo Application Suite - Maximo Visual Inspection Component uses Werkzeug-2.2.3-py3-none-any.whl which is vulnerable to this CVE-2023-46136

Summary Security Bulletin: IBM Maximo Application Suite - Maximo Visual Inspection Component uses Werkzeug-2.2.3-py3-none-any.whl which is vulnerable to this CVE-2023-46136 Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets Werkzeug is vulnerable to a denial of service, caused by a...

8CVSS7.5AI score0.01063EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/26 8:39 a.m.•24 views

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689

Summary IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689 Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of...

7.5CVSS7.3AI score0.01049EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/19 3:48 p.m.•22 views

Security Bulletin: IBM Maximo Application Suite uses certifi-2024.6.2-py3-none-any.whl which is vulnerable to CVE-2024-39689.

Summary IBM Maximo Application Suite uses certifi-2024.6.2-py3-none-any.whl which is vulnerable to CVE-2024-39689. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker th...

7.5CVSS7.2AI score0.01049EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/19 3:46 p.m.•9 views

Security Bulletin: IBM Maximo Application Suite uses tinymce-6.8.3.tgz which is vulnerable to CVE-2024-38357, CVE-2024-38356

Summary IBM Maximo Application Suite uses tinymce-6.8.3.tgz which is vulnerable to CVE-2024-38357, CVE-2024-38356. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-38357 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting,...

6.1CVSS6AI score0.00529EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/18 8:45 a.m.•19 views

Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server is vulnerable to CVE-2024-25026 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server which is vulnerable to CVE-2024-25026. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5...

7.5CVSS6.6AI score0.00792EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/16 5:22 p.m.•73 views

Security Bulletin: IBM Maximo Application Suite uses k82.io package which is vulnerable to CVE-2019-11250, CVE-2020-8565, CVE-2019-11253.

Summary IBM Maximo Application Suite uses k82.io package which is vulnerable to CVE-2019-11250, CVE-2020-8565, CVE-2019-11253. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a local...

7.5CVSS6.5AI score0.25939EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2024/09/13 8:4 a.m.•28 views

Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-29857.

Summary IBM Maximo Application Suite uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-29857. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable ...

7.5CVSS7.3AI score0.011EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/13 7:30 a.m.•25 views

Security Bulletin: IBM Maximo Application Suite uses micromatch-4.0.5.tgz which is vulnerable to CVE-2024-4067.

Summary IBM Maximo Application Suite uses micromatch-4.0.5.tgz which is vulnerable to CVE-2024-4067. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-4067 DESCRIPTION: Node.js micromatch module is vulnerable to a denial of servic...

5.3CVSS6.2AI score0.01429EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/09/13 7:30 a.m.•26 views

Security Bulletin: IBM Maximo Application Suite uses Werkzeug-2.2.3-py3-none-any.whl which is vulnerable to CVE-2024-4067.

Summary IBM Maximo Application Suite uses Werkzeug-2.2.3-py3-none-any.whl which is vulnerable to CVE-2024-4067. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Pallets Werkzeug could allow a remote attacker to...

7.5CVSS6.9AI score0.03397EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/13 7:11 a.m.•14 views

Security Bulletin: IBM Maximo Application Suite uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to CVE-2023-29483.

Summary IBM Maximo Application Suite uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to CVE-2023-29483. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-29483 DESCRIPTION: Dnspython is vulnerable to a denial of service,...

7CVSS6.8AI score0.01258EPSS

Exploits1Affected Software1

CNVD•added 2024/09/11 12:0 a.m.•10 views

IBM Maximo Application Suite Encryption Issue Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An encryption issue vulnerability exists in IBM Maximo Application Suite versions 8.10, 8.11, and 9.0,...

7.5CVSS6.5AI score0.00247EPSS

Exploits0References1

IBM Security Bulletins•added 2024/09/09 8:21 a.m.•22 views

Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-22354)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...

7CVSS7.2AI score0.00649EPSS

Exploits0Affected Software11

IBM Security Bulletins•added 2024/09/09 8:21 a.m.•13 views

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses aiohttp-3.9.5-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to this CVE-2024-42367

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component component uses aiohttp-3.9.5-cp39-cp39-manylinux217x8664.manylinux2014x8664.whl which is vulnerable to this CVE-2024-42367 Vulnerability Details CVEID:CVE-2024-42367 DESCRIPTION: aio-libs aiohttp ould allow a remote...

4.8CVSS4.9AI score0.00645EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by