CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

908 matches found

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•11 views

Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2016-8934)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability...

5.4CVSS1.3AI score0.002EPSS

Exploits0Affected Software5

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•6 views

Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition

2.1AI score

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•21 views

Security Bulletin: HTML injection vulnerability in Business Space might affect IBM Business Process Manager (CVE-2016-3056)

Summary Some features in Business Space allow end users to create content that can be displayed by other users. In some cases, end users could provide HTML and thus control parts of the layout for other users. Vulnerability Details CVEID: CVE-2016-3056 DESCRIPTION: IBM Business Process Manager is...

5.4CVSS6.4AI score0.00241EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•14 views

Security Bulletin: Cross Site Scripting vulnerability in IBM Business Process Manager (CVE-2016-5901)

Summary A test page that is vulnerabile to cross site scripting has been packaged with IBM Business Process Manager. Vulnerability Details CVEID: CVE-2016-5901 DESCRIPTION: IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

5.4CVSS1.2AI score0.0017EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•28 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor (CVE-2014-9748, CVE-2016-1669)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2014-9748 DESCRIPTION: libuv, as used in Node.js is...

9.3CVSS0.5AI score0.01626EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•26 views

Security Bulletin: Security vulnerabilities in Apache Struts might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-1181, CVE-2016-1182, CVE-2015-0899)

Summary Multiple security vulnerabilities have been reported for Apache Struts that is used by IBM Business Process Manager and WebSphere Lombardi Edition. Vulnerability Details CVEID: CVE-2016-1181 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system,...

8.2CVSS7.9AI score0.69459EPSS

Exploits0Affected Software4

IBM Security Bulletins•added 2018/06/15 7:6 a.m.•19 views

Security Bulletin: Security vulnerability in Apache Commons FileUpload might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-3092)

Summary A denial of service vulnerability has been reported for Apache Commons FileUpload 1.3.1 which is used in WebSphere Lombardi Edition and IBM Business Process Manager. Vulnerability Details CVEID: CVE-2016-3092 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an...

7.8CVSS0.4AI score0.40246EPSS

Exploits0Affected Software4

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•31 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server, WebSphere Dynamic Process Edition, and WebSphere Lombardi Edition

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Dynamic Process Edition, and WebSphere Lombardi Edition. Information about security vulnerabilities affecting WebSphere Application Server has been published in...

8.2CVSS6.6AI score0.40246EPSS

Exploits0Affected Software6

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•21 views

Security Bulletin: Security vulnerability in Business Space affects IBM Business Process Manager and WebSphere Process Server (CVE-2014-8912)

Summary Business Space is a user interface framework that is available in WebSphere Process Server and IBM Business Process Manager BPM. In IBM BPM Express Edition and Standard Edition the framework is not used directly by end users, however, it is still available and contributes parts of the...

8.8CVSS0.3AI score0.00769EPSS

Exploits0Affected Software4

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•45 views

7.5CVSS6.8AI score0.03808EPSS

Exploits0Affected Software5

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•26 views

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (Java CPU April 2016)

10CVSS2.1AI score0.93287EPSS

Exploits1Affected Software5

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•18 views

5.9CVSS1.5AI score0.00264EPSS

Exploits0Affected Software5

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•18 views

Security Bulletin: Incorrect authorization for update of process instance variables in IBM Business Process Manager (CVE-2016-0349)

Summary Due to incorrect authorization for update of process instance variables, users without required permission can update process instance variables in IBM Business Process Manager. Vulnerability Details CVEID: CVE-2016-0349 DESCRIPTION: IBM Business Process Manager allows authenticated users...

6.5CVSS1.9AI score0.00105EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•55 views

Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js CVE-2016-2086, CVE-2016-2216, CVE-2015-3197, CVE-2016-0705, CVE-2016-0797,...

10CVSS0.9AI score0.36537EPSS

Exploits2Affected Software3

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•17 views

Security Bulletin: Cross-Site scripting vulnerability in IBM Business Process Manager document list control (CVE-2016-0227)

Summary Due to insufficient user input escaping IBM Business Process Manager document list control is vulnerable to Cross-Site scripting. Vulnerability Details CVEID: CVE-2016-0227 DESCRIPTION: IBM Business Process Manager is vulnerable to cross-site scripting, caused by improper validation of...

5.4CVSS0.8AI score0.00241EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:5 a.m.•23 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-0483, CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary WebSphere Application Server WAS is shipped as a component of IBM Business Process Manager BPM and WebSphere Lombardi Edition WLE. Information about security vulnerabilities affecting WebSphere Application Server has been published in security bulletins. There are multiple vulnerabilities...

10CVSS0.5AI score0.09896EPSS

Exploits0Affected Software5

IBM Security Bulletins•added 2018/06/15 7:4 a.m.•21 views

5.4CVSS1.9AI score0.00172EPSS

Exploits0Affected Software5

IBM Security Bulletins•added 2018/06/15 7:4 a.m.•23 views

Security Bulletin: Multiple Cross-Site scripting vulnerabilities in IBM Business Process Manager Process Portal (CVE-2015-8524)

Summary Due to insufficient user input escaping IBM Business Process Manager Process Portal is vulnerable to Cross-Site scripting. Vulnerability Details CVEID: CVE-2015-8524 DESCRIPTION: IBM Business Process Manager is vulnerable to reflected cross-site scripting, which is caused by the improper...

6.1CVSS0.6AI score0.00266EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2018/06/15 7:4 a.m.•31 views

Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor (CVE-2015-8027, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2015-8027 DESCRIPTION: An unspecified vulnerability ...

7.5CVSS0.8AI score0.54488EPSS

Exploits1Affected Software3

IBM Security Bulletins•added 2018/06/15 7:4 a.m.•20 views

Security Bulletin: IBM Business Process Manager authorization checks for process and task deletion are insufficient (CVE-2015-7463)

Summary An API to delete process and task data is incorrectly available for non administrative users. Vulnerability Details CVEID: CVE-2015-7463 DESCRIPTION: IBM Business Process Manager could allow an authenticated user to delete process and task data through a command that should only be...

5.5CVSS1.1AI score0.00085EPSS

Exploits0Affected Software3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by