Lucene search
+L

409 matches found

OpenVAS
OpenVAS
added 2023/11/19 12:0 a.m.22 views

Fedora: Security Advisory for gstreamer1-plugins-bad-free (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.02189EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/11 2:19 p.m.47 views

Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.

Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...

9.9CVSS8.9AI score0.75792EPSS
Exploits1Affected Software1
Prion
Prion
added 2023/10/11 6:15 a.m.19 views

Code injection

Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...

1.4CVSS4.6AI score0.0015EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/11 5:1 a.m.53 views

CVE-2022-42451

CVE-2022-42451 affects HCL BigFix Patch Management, specifically the Download Plug-ins, where certain credentials are stored insecurely. This could allow a local privileged user to access sensitive credentials, consistent with a Local, Low-Complexity exposure (CVSS v3.1: base score ~4.4–4.6, Conf...

4.6CVSS4.5AI score0.0015EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/11 12:0 a.m.9 views

PT-2023-14116 · Ibm · Bigfix Patch Management

Name of the Vulnerable Software and Affected Versions: BigFix Patch Management affected versions not specified Description: The issue concerns certain credentials within the BigFix Patch Management Download Plug-ins being stored insecurely. This could potentially expose them to a local privileged...

4.6CVSS6.4AI score0.0015EPSS
Exploits0References3
OSV
OSV
added 2023/10/05 4:15 p.m.5 views

CVE-2023-4570

An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References1
CVE
CVE
added 2023/10/05 3:26 p.m.56 views

CVE-2023-4570

CVE-2023-4570 describes an improper access restriction in NI MeasurementLink Python services that permits an attacker on an adjacent network to reach services exposed on localhost, previously believed to be unreachable externally. Affected component: ni-measurementlink-service Python package (ver...

8.8CVSS8.7AI score0.00281EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/30 4:30 a.m.22 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2022-39161)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. IBM WebSphere Application Server Liberty is vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/04 6:55 a.m.42 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)

Summary When WebSphere Application Server traditional is used with the optionally installed Web Server Plug-ins component, the lack of hostname verification with the Web Plugins could allow an authenticated attacker to conduct spoofing attacks. A man in the middle attacker could conduct an exploi...

5.3CVSS5.2AI score0.00362EPSS
Exploits0Affected Software1
Wired Threat Level
Wired Threat Level
added 2023/07/25 11:0 a.m.23 views

ChatGPT Has a Plug-In Problem

Third-party plug-ins boost ChatGPT’s capabilities. But security researchers say they add an extra layer of risk...

7.1AI score
Exploits0
Veeam
Veeam
added 2023/07/14 12:0 a.m.50 views

Build Numbers and Versions of Veeam Plug-ins for Enterprise Applications

Plug-In Download The latest version of all Plug-Ins for Enterprise Applications can be found at the bottom of the My Products page within the My Portal, in the Application Plug-Ins under Additional downloads. View by Plug-in Build Number View by Veeam Backup & Replication Release This table lists...

5.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/10 6:24 a.m.17 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to spoofing - CVE-2022-39161

Summary IBM WebSphere Application Server Liberty are vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addresse...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/07 11:21 p.m.31 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2023-35890)

Summary WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting WebSphere Application when using Web Server Plug-ins has been published in a security bulletin...

5.5CVSS5.4AI score0.00122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 7:8 a.m.27 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins

Summary The security issue described in CVE-2022-39161 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 6:50 p.m.38 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to spoofing when using Web Server Plug-ins

Summary IBM Security Verify Governance uses IBM WebSphere Application Server .The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 1:48 p.m.35 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-39161)

Summary IBM WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting IBM WebSphere Application Server when using Web Server Plug-ins has been published in a security...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/05/03 8:15 p.m.4 views

CVE-2022-39161

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could...

5.3CVSS6.1AI score0.00362EPSS
Exploits0References2
Prion
Prion
added 2023/05/03 8:15 p.m.20 views

Spoofing

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could...

2.1CVSS5.1AI score0.00362EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/03 2:12 p.m.60 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to spoofing via the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. This has been addressed in the remediation section. Vulnerability Detail...

5.3CVSS4.9AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 8:38 p.m.90 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to spoofing when using Web Server Plug-ins CVE-2022-39161 Vulnerability Details Refer to the security bulletins listed in the...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
Rows per page
Query Builder