247 matches found
Security Bulletin: Node.js http-cache-semantics module is vulnerable to CVE-2022-25881 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Node.js http-cache-semantics modulewhich is vulnerable to CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression...
Security Bulletin: OAuthlib is vulnerable to CVE-2022-36087 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses OAuthlib which is vulnerable to CVVE-2022-36087. Vulnerability Details CVEID:CVE-2022-36087 DESCRIPTION: OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using...
Security Bulletin: tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911 CVE-2022-41907 CVE-2022-41908 CVE-2022-41896 CVE-2022-41891 CVE-2022-41894 CVE-2022-41884 IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911, CVE-2022-41907, CVE-2022-41908, CVE-2022-41896, CVE-2022-41891, CVE-2022-41894, CVE-2022-41884, CVE-2022-41898, CVE-2022-41888, CVE-2022-41897, CVE-2022-41880, CVE-2022-41889,...
Security Bulletin: Loader-utils is vulnerable to CVE-2022-37603 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses loader-utils which is vulnerable to CVE-2022-37603. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the...
Security Bulletin: WebSphere Application Server Liberty is vulnerable to CVE-2022-3509 and CVE-2022-3171 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2022-3509 and CVE-2022-3171. Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in...
Security Bulletin: IBM WebSphere Application Server Liberty and Open Liberty is vulnerable to CVE-2022-22475 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty and Open Liberty which is vulnerable to CVE-2022-22475. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0....
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2022-22393 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2022-22393. Vulnerability Details CVEID:CVE-2022-22393 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 featu...
Security Bulletin: Ansi-html is vulnerable to CVE-2021-23424 used in IBM Maximo Application Suite
Summary IBM Maximo Application Suite - Monitor Component uses the package ansi-html which is vulnerable to CVE-2021-23424. Vulnerability Details CVEID:CVE-2021-23424 DESCRIPTION: Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS...
Security Bulletin: Apache Log4j is vulnerable to CVE-2021-45105 and CVE-2021-45046 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Apache Log4j which is vulnerable to CVE-2021-45105 and CVE-2021-45046. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled...
Security Bulletin: Node-forge is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses node-forge which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2022-24773 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature verification...
Security Bulletin: Tensorflow is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Tensorflow which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2022-23592 DESCRIPTION: TensorFlow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds rea...
Security Bulletin: Oracle Java SE is vulnerable to CVE-2022-21271 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Oracle Java SE which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-21271 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Libraries component could allow an unauthenticated attacker to...
Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite
Summary Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-35517 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when...
IntelMQ Manager Monitor Component OS Command Injection Vulnerability
IntelMQ Manager is a graphical interface for managing the configuration of the IntelMQ framework. An operating system command injection vulnerability exists in the 'send' function of the Inspect-tool of the Monitor component in IntelMQ Manager version 1.1.0 and later fixed in version 2.1.1, which...
CVE-2020-11016
IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...
CVE-2020-11016
IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...
Design/Logic Flaw
IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...
CVE-2020-11016 Remote code execution in Message sending functionality in IntelMQ Manager
IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...
F5 Networks BIG-IP : OpenSSH vulnerabilities (K17263)
CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to...
OpenSSH < 7.0 Multiple Vulnerabilities
Binary data 9309.prm...