Lucene search
K

786 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52421

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00976EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30802

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2025/09/12 11:46 a.m.4 views

BIT-NIFI-2020-13940

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services via XXE...

5.5CVSS6.9AI score0.01911EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-3900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cmds/servicemanager/servicemanager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does...

9.3CVSS7.5AI score0.00557EPSS
Exploits0References2
Trellix
Trellix
added 2025/09/08 12:0 a.m.7 views

Silent Pivot: Detecting Fileless Lateral Movement via Service Manager with Trellix NDR

Silent Pivot: Detecting Fileless Lateral Movement via Service Manager with Trellix NDR By Maulik Maheta and Lishoy Mathew · September 8, 2025 Executive summary The tactics of cyber adversaries continue to evolve as they attempt to bypass security vendors. Rather than traditional malware, today’s...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.6 views

CVE-2025-31979

A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or w...

5.4CVSS7AI score0.00194EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/13 5:15 p.m.3 views

Malicious code in f0-service-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c1c79e59e1f33e79ec5042730e0bfb49f02f35acd0399884dbdac006aebcbbd The OpenSSF Package Analysis project identified 'f0-service-manager' @ 4.1.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSV
added 2025/08/13 5:15 p.m.2 views

MAL-2025-6866 Malicious code in f0-service-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c1c79e59e1f33e79ec5042730e0bfb49f02f35acd0399884dbdac006aebcbbd The OpenSSF Package Analysis project identified 'f0-service-manager' @ 4.1.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/22 9:12 p.m.3 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

7.8CVSS6.9AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/02 3:26 p.m.10 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to improper access control due to Apache Commons BeanUtils (CVE-2025-23184)

Summary Apache Commons BeanUtils is shipped with IBM Tivoli Business Service Manager as part of its backend process to handle Java Beans. Information about a security vulnerability affecting Apache Commons BeanUtils has been published in a security bulletin. Vulnerability Details...

8.8CVSS6.8AI score0.01941EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/02 3:25 p.m.3 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION:...

5.3CVSS5.5AI score0.01157EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/02 2:50 p.m.5 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to denial of service attack due to Apache CXF (CVE-2025-23184)

Summary Apache CXF is shipped with IBM Tivoli Business Service Manager as part of the web services framework. Information about a security vulnerability affecting Apache CXF has been published in a security bulletin. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of...

7.5CVSS5.3AI score0.01941EPSS
Exploits0Affected Software1
Fedora
Fedora
added 2025/06/03 1:27 a.m.10 views

[SECURITY] Fedora 41 Update: systemd-256.15-1.fc41

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

4.7CVSS4.9AI score0.00641EPSS
Exploits1
Fedora
Fedora
added 2025/06/01 1:23 a.m.12 views

[SECURITY] Fedora 42 Update: systemd-257.6-1.fc42

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

4.7CVSS4.9AI score0.00641EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 10:8 a.m.3 views

CVE-2024-3250

It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2,...

6.5CVSS6.5AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:10 p.m.6 views

CVE-2021-38560

Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx...

6.1CVSS5.8AI score0.02893EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:44 p.m.10 views

CVE-2021-39806

In closef of labelbackendsandroid.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User...

7.8CVSS7.1AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:35 p.m.6 views

CVE-2020-9521

An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation SMA, affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the product being...

8.8CVSS8.1AI score0.01138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.6 views

CVE-2020-9518

Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...

5.3CVSS6.8AI score0.00862EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.5 views

CVE-2020-9519

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

5.3CVSS6.9AI score0.00862EPSS
Exploits0References1
Rows per page
Query Builder