Lucene search
K

247 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:23 p.m.28 views

Security Bulletin: Node.js http-cache-semantics module is vulnerable to CVE-2022-25881 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Node.js http-cache-semantics modulewhich is vulnerable to CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression...

7.5CVSS6.8AI score0.01613EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:20 p.m.21 views

Security Bulletin: OAuthlib is vulnerable to CVE-2022-36087 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses OAuthlib which is vulnerable to CVVE-2022-36087. Vulnerability Details CVEID:CVE-2022-36087 DESCRIPTION: OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using...

6.5CVSS5.9AI score0.01258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/06 9:17 p.m.73 views

Security Bulletin: tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911 CVE-2022-41907 CVE-2022-41908 CVE-2022-41896 CVE-2022-41891 CVE-2022-41894 CVE-2022-41884 IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911, CVE-2022-41907, CVE-2022-41908, CVE-2022-41896, CVE-2022-41891, CVE-2022-41894, CVE-2022-41884, CVE-2022-41898, CVE-2022-41888, CVE-2022-41897, CVE-2022-41880, CVE-2022-41889,...

9.8CVSS8AI score0.00579EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 6:14 p.m.63 views

Security Bulletin: Loader-utils is vulnerable to CVE-2022-37603 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses loader-utils which is vulnerable to CVE-2022-37603. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the...

7.5CVSS8.2AI score0.02029EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:37 p.m.31 views

Security Bulletin: WebSphere Application Server Liberty is vulnerable to CVE-2022-3509 and CVE-2022-3171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2022-3509 and CVE-2022-3171. Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in...

7.5CVSS6.3AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:35 p.m.23 views

Security Bulletin: IBM WebSphere Application Server Liberty and Open Liberty is vulnerable to CVE-2022-22475 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty and Open Liberty which is vulnerable to CVE-2022-22475. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0....

6.5CVSS5.7AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:33 p.m.39 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2022-22393 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2022-22393. Vulnerability Details CVEID:CVE-2022-22393 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 featu...

6.5CVSS5.1AI score0.00678EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:38 p.m.22 views

Security Bulletin: Ansi-html is vulnerable to CVE-2021-23424 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite - Monitor Component uses the package ansi-html which is vulnerable to CVE-2021-23424. Vulnerability Details CVEID:CVE-2021-23424 DESCRIPTION: Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS...

7.5CVSS7.4AI score0.01981EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:27 p.m.52 views

Security Bulletin: Apache Log4j is vulnerable to CVE-2021-45105 and CVE-2021-45046 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Apache Log4j which is vulnerable to CVE-2021-45105 and CVE-2021-45046. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled...

10CVSS9.5AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:20 p.m.33 views

Security Bulletin: Node-forge is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses node-forge which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2022-24773 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature verification...

7.5CVSS6.3AI score0.01015EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 5:50 p.m.52 views

Security Bulletin: Tensorflow is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Tensorflow which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2022-23592 DESCRIPTION: TensorFlow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds rea...

8.1CVSS7.5AI score0.0087EPSS
Exploits25Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/04 6:54 p.m.41 views

Security Bulletin: Oracle Java SE is vulnerable to CVE-2022-21271 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Oracle Java SE which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-21271 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Libraries component could allow an unauthenticated attacker to...

5.3CVSS5.2AI score0.02789EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/19 7:44 p.m.32 views

Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite

Summary Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-35517 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when...

7.5CVSS7.6AI score0.13292EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2020/05/07 12:0 a.m.1 views

IntelMQ Manager Monitor Component OS Command Injection Vulnerability

IntelMQ Manager is a graphical interface for managing the configuration of the IntelMQ framework. An operating system command injection vulnerability exists in the 'send' function of the Inspect-tool of the Monitor component in IntelMQ Manager version 1.1.0 and later fixed in version 2.1.1, which...

9.1CVSS8.4AI score0.02334EPSS
Exploits0References1
NVD
NVD
added 2020/04/30 11:15 p.m.39 views

CVE-2020-11016

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

9.1CVSS9.5AI score0.02334EPSS
Exploits0References4
OSV
OSV
added 2020/04/30 11:15 p.m.22 views

CVE-2020-11016

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

8.8CVSS7.9AI score
Exploits0References4
Prion
Prion
added 2020/04/30 11:15 p.m.10 views

Design/Logic Flaw

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

6.5CVSS8.9AI score0.02334EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/04/30 10:25 p.m.15 views

CVE-2020-11016 Remote code execution in Message sending functionality in IntelMQ Manager

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

9.1CVSS9.5AI score0.02334EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/06/02 12:0 a.m.134 views

F5 Networks BIG-IP : OpenSSH vulnerabilities (K17263)

CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to...

7CVSS6.3AI score0.00599EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/22 12:0 a.m.59 views

OpenSSH < 7.0 Multiple Vulnerabilities

Binary data 9309.prm...

8.5CVSS6.2AI score0.09302EPSS
Exploits5References5
Rows per page
Query Builder