CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2897 matches found

IBM Security Bulletins•added 2025/06/09 11:53 a.m.•8 views

Security Bulletin: IBM Java: Two OpenJ9 internal ASCII to EBCDIC string wrapper vulnerabilities on z/OS (CVE-2025-1470,CVE-2025-1471,CWE-787)

Summary IBM Java: Two OpenJ9 internal ASCII to EBCDIC string wrapper vulnerabilities on z/OS CVE-2025-1470,CVE-2025-1471,CWE-787 Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities...

7.8CVSS8.2AI score0.00167EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/06/09 11:52 a.m.•8 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025- Includes Oracle Apr 2025 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

7.8CVSS7.1AI score0.00749EPSS

Exploits0Affected Software11

IBM Security Bulletins•added 2025/06/05 7:40 a.m.•10 views

Security Bulletin: Maximo AI Service Component: Spring Security Aspects may not correctly locate method security annotations on private methods.

Summary Security Bulletin: Maximo AI Service Component Component uses Spring Security Aspects may not correctly locate method security annotations on private methods.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-41232...

9.1CVSS6.7AI score0.00516EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/06/03 11:15 a.m.•6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to dompurify-3.2.4.tgz, dompurify-3.2.5.tgz CVE-2025-48050

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to dompurify-3.2.4.tgz, dompurify-3.2.5.tgz CVE-2025-48050. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48050 DESCRIPTION: In DOMPurify through 3.2.5 before...

7.5CVSS6.3AI score0.00394EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/06/03 11:13 a.m.•4 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component in IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache CXF (CVE-2025-23184)

Summary IBM Maximo Application Suite - Monitor Component IBM in WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache CXF CVE-2025-23184. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-23184...

7.5CVSS7.4AI score0.01806EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/06/03 10:57 a.m.•3 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.18-py3-none-any.whl CVE-2025-26699

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.18-py3-none-any.whl CVE-2025-26699. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-26699 DESCRIPTION: An issue was discovered in Django 5.1 before...

7.5CVSS5AI score0.00748EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/06/03 10:33 a.m.•13 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses elliptic-6.5.4.tgz (Publicly disclosed vulnerability found by Mend)

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses elliptic-6.5.4.tgz Publicly disclosed vulnerability found by Mend. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-48948 DESCRIPTION: The Elliptic...

9.1CVSS8.9AI score0.00612EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2025/05/30 1:25 p.m.•9 views

Security Bulletin: IBM Maximo Application Suite uses cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-12797.

Summary IBM Maximo Application Suite uses cryptography-44.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-12797. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using...

6.3CVSS6.8AI score0.02357EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/30 1:17 p.m.•21 views

Security Bulletin: IBM Maximo Application Suite uses axios-1.7.7.tgz, Kubectl-1.22.4 and Websphere Liberty - 24.0.0.11 which is vulnerable to CVE-2025-27152, CVE-2024-47535, CVE-2024-24791, CVE-2024-45336, CVE-2024.

Summary IBM Maximo Application Suite uses axios-1.7.7.tgz, Kubectl-1.22.4 and Websphere Liberty - 24.0.0.11 which is vulnerable to CVE-2025-27152, CVE-2024-47535, CVE-2024-24791, CVE-2024-45336, CVE-2024. . This bulletin contains information regarding the vulnerability and its fixture...

8.7CVSS6.7AI score0.01414EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2025/05/30 1:15 p.m.•11 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses commons-codec-1.11.jar, okio-jvm-3.0.0.jar, jetty-http-10.0.24.jar and jetty-server-10.0.24.jar which is vulnerable to CVE-2020-8908, CVE-2023-2976, CVE-2024-6763, CVE-2023-3635

Summary IBM Maximo Application Suite - IoT Component uses commons-codec-1.11.jar, okio-jvm-3.0.0.jar, jetty-http-10.0.24.jar and jetty-server-10.0.24.jar which is vulnerable to CVE-2020-8908, CVE-2023-2976, CVE-2024-6763, CVE-2023-3635. This bulletin contains information regarding the vulnerabili...

7.5CVSS6.9AI score0.01077EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2025/05/30 8:28 a.m.•7 views

Security Bulletin: IBM Maximo Application Suite Predict Component : Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component Component uses Flask is a web server gateway interface WSGI web application framework. In Flask 3.1.0.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-4727...

1.8CVSS6.5AI score0.00152EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:35 a.m.•14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to http-proxy-middleware-2.0.7.tgz CVE-2025-32997

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to http-proxy-middleware-2.0.7.tgz CVE-2025-32997. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-32997 DESCRIPTION: In http-proxy-middleware before 2.0.9 and 3....

5.3CVSS6.5AI score0.0039EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:34 a.m.•16 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to WebSphere Liberty which is vulnerable to a denial of service due to Netty CVE-2024-47535

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to WebSphere Liberty which is vulnerable to a denial of service due to Netty CVE-2024-47535. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION:...

5.5CVSS5.4AI score0.00408EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/05/29 7:30 a.m.•13 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cxf-core-3.5.5.jar, cxf-core-4.0.5.jar CVE-2025-23184

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cxf-core-3.5.5.jar, cxf-core-4.0.5.jar CVE-2025-23184. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service...

7.5CVSS6.5AI score0.01806EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:27 a.m.•12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.70.crate CVE-2025-3416

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.70.crate CVE-2025-3416. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-3416 DESCRIPTION: A flaw was found in OpenSSL's handling of the properties...

3.7CVSS6.4AI score0.00426EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:24 a.m.•12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to jinja2-3.1.4-py3-none-any.whl, jinja2-3.1.5-py3-none-any.whl CVE-2025-27516

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to jinja2-3.1.4-py3-none-any.whl, jinja2-3.1.5-py3-none-any.whl CVE-2025-27516. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an...

8.8CVSS7.2AI score0.00465EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:23 a.m.•17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2025-1194

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2025-1194. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of Service...

6.5CVSS6.3AI score0.00388EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/05/29 7:22 a.m.•14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.64.crate CVE-2025-24898

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.64.crate CVE-2025-24898. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-24898 DESCRIPTION: rust-openssl is a set of OpenSSL bindings for the Rust...

6.3CVSS6.9AI score0.00623EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:21 a.m.•16 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to axios-1.3.4.min.js, axios-1.7.7.tgz CVE-2024-57965

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to axios-1.3.4.min.js, axios-1.7.7.tgz CVE-2024-57965. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-57965 DESCRIPTION: In axios before 1.7.8,...

9.8CVSS6.6AI score0.00342EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/05/29 7:20 a.m.•17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to to a denial of service due to Netty in IBM WebSphere Application Server Liberty CVE-2025-25193

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to to a denial of service due to Netty in IBM WebSphere Application Server Liberty CVE-2025-25193. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-25193...

5.5CVSS5.6AI score0.00357EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by