Lucene search
K

68 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-6901

Malware in sbrugna...

5.5CVSS5.5AI score0.00315EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:15 a.m.28 views

Security Bulletin: Rational Asset Analyzer is affected by two WebSphere Application Server vulnerabilities. (CVE-2021-23450, CVE-1999-0001)

Summary WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to remote code execution due to Dojo. This has been addressed. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a...

9.8CVSS9.5AI score0.30367EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 6:1 p.m.28 views

Security Bulletin: Rational Asset Analyzer is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by Rational Asset Analyzer. This vulnerability is located in the GraphQL Java library used by IBM WebSphere Application Server Liberty, with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. This has been addresse...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 5:29 p.m.18 views

Security Bulletin: Rational Asset Analyzer is vulnerable to HTTP header injection (CVE-2022-34165)

Summary IBM WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to HTTP header injection. This has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server...

5.4CVSS5.6AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/06 11:20 p.m.31 views

Security Bulletin: Rational Asset Analyzer is vulnerable to an Information disclosure (CVE-2022-22393)

Summary IBM WebSphere Application Server Liberty used by Rational Asset Analyzer could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. This has been addressed. Vulnerability Details CVEID:CVE-2022-22393...

6.5CVSS4.9AI score0.00678EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/06 11:18 p.m.10 views

Security Bulletin: Rational Asset Analyzer is vulnerable to identity spoofing by an authenticated user using a specially crafted request (CVE-2022-22476)

Summary IBM WebSphere Application Server Liberty used by Rational Asset analyzer is vulnerable to identity spoofing by an authenticated user using a specially crafted request. This has been addressed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/06 11:14 p.m.18 views

Security Bulletin: Rational Asset analyzer is vulnerable to spoofing due to Eclipse Paho (CVE-2019-11777)

Summary IBM WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to spoofing in the Eclipse Paho library with the rtcomm-1.0 or rtcommGateway-1.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: Eclipse Paho Java clien...

7.5CVSS7.4AI score0.00827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/06 11:10 p.m.29 views

Security Bulletin: Rational Asset Analyzer is vulnerable to Identity Spoofing (CVE-2022-22475)

Summary IBM WebSphere Application Server Liberty used by Rational Asset analyzer is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM...

6.5CVSS5.7AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/19 5:52 p.m.21 views

Security Bulletin: Rational Asset Analyzer is affected by two WebSphere Application Server vulnerabilities. (CVE-2021-39038, CVE-1999-0002)

Summary WebSphere Application Server used by Rational Asset analyzer is vulnerable to Clickjacking. This has been addressed. Vulnerability Details CVEID: CVE-2021-39038 DESCRIPTION: IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could...

10CVSS1.3AI score0.27858EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/05 5:0 p.m.15 views

Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability (CVE-2022-22310).

Summary WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to an Information Disclosure attack. This has been addressed. Vulnerability Details CVEID:CVE-2022-22310 DESCRIPTION: IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weake...

6.5CVSS6.1AI score0.01012EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/05 4:58 p.m.40 views

Security Bulletin: A vulnerability in IBM® SDK, Java™ may affect Rational Asset Analyzer (CVE-2021-35550)

Summary There is a vulnerability in IBM® Java™ version 8 used by Rational Asset Analyzer. This has been addressed. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain...

7.1CVSS1.2AI score0.06868EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/05 4:56 p.m.32 views

Security Bulletin: Rational Asset Analyzer is affected by two WebSphere Application Server vulnerabilities (CVE-2018-25031, CVE-2021-46708)

Summary There are multiple vulnerabilities in the swagger-ui library used by IBM WebSphere Application Server Liberty. These vulnerabilities could allow spoofing attacks or clickjacking vulnerabilities. This has been addressed. Vulnerability Details CVEID: CVE-2018-25031 DESCRIPTION: swagger-ui...

6.1CVSS2.4AI score0.42326EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/05 4:54 p.m.27 views

Security Bulletin: A vulnerability in IBM® SDK, Java™ affects Rational Asset Analyzer (CVE-2021-35603)

Summary There is a vulnerability in IBM® Java™ version 8 used by Rational Asset Analyzer. This has been addressed. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain...

4.3CVSS1.1AI score0.04104EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/12 11:27 p.m.26 views

Security Bulletin: Rational Asset Analyzer (RAA) is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-4104)

Summary A vulnerability in Apache Log4j CVE-2021-4104 affects WebSphere Application Server WAS Liberty which is used by RAA. The vulnerability was addressed by removing Apache Log4j from WAS Liberty. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacke...

7.5CVSS2.4AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/14 3:31 a.m.21 views

Security Bulletin: Rational Asset Analyzer is affected by vulnerabilities in WebSphere Application Server Liberty.

Summary Rational Asset Analyzer team has addressed the following vulnerabilities in WebSphere Application Server Liberty: CVE-2021-35517 and CVE-2021-36090 Vulnerability Details CVEID: CVE-2021-35517 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of...

7.5CVSS7.8AI score0.13292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/14 3:28 a.m.49 views

Security Bulletin: Vulnerabilities in IBM Java affecting IBM Rational Asset Analyzer.

Summary Multiple vulnerabilities are identified in IBM® SDK Java™ Technology Edition Version 1.8 that is used by IBM Rational Asset Analyzer. These issues were disclosed as part of the IBM Java SDK updates in October 2021 . Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified...

9.8CVSS7.1AI score0.14839EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 4:54 p.m.27 views

Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.

Summary WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to an XML External Entity Injection XXE vulnerability. This has been addressed. Vulnerability Details CVEID: CVE-2021-20492 DESCRIPTION: IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batc...

8.2CVSS1.4AI score0.02071EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 8:12 p.m.24 views

Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability (CVE-2021-26296)

Summary Rational Asset Analyzer RAA has addressed the following vulnerability: CVE-2021-26296 Vulnerability Details CVEID: CVE-2021-26296 DESCRIPTION: Apache MyFaces is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated...

7.5CVSS1AI score0.03026EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 8:10 p.m.22 views

Security Bulletin: Rational Asset Analyzer is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2020-5258)

Summary Rational Asset Analyzer team has addressed the following vulnerability: CVE-2020-5258. Vulnerability Details CVEID: CVE-2020-5258 DESCRIPTION: Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollution flaw. By injecting other values, a...

7.7CVSS2.1AI score0.04023EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/05 9:18 p.m.29 views

Security Bulletin: A vulnerabilities in IBM Java affects IBM Rational Asset Analyzer.

Summary A vulnerability identified in IBM® SDK Java™ Technology Edition Version 1.8 that is used by IBM Rational Asset Analyzer. These issues were disclosed as part of the IBM Java SDK updates in January 2021. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability i...

4.3CVSS1.8AI score0.02245EPSS
Exploits0Affected Software1
Rows per page
Query Builder