1649 matches found
Vehicle Service Management System 1.0 - Stored Cross Site Scripting
Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Service List section in login panel. id: CVE-2021-46072 info: name: Vehicle Service Management System 1.0 - Stored Cross Site Scripting author: TenBird severity: medium description: | Vehicle Servic...
Vehicle Service Management System 1.0 - Stored Cross Site Scripting
Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login panel. id: CVE-2021-46069 info: name: Vehicle Service Management System 1.0 - Stored Cross Site Scripting author: TenBird severity: medium description: | Vehicle Servi...
Vehicle Service Management System 1.0 - Cross Site Scripting
Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel. id: CVE-2021-46073 info: name: Vehicle Service Management System 1.0 - Cross Site Scripting author: TenBird severity: medium description: | Vehicle Service Management Syst...
ehicle Service Management System 1.0 - Cross-Site Scripting
Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Category List section in login panel. id: CVE-2021-46071 info: name: ehicle Service Management System 1.0 - Cross-Site Scripting author: TenBird severity: medium description: | Vehicle Service...
Vehicle Service Management System - Stored Cross-Site Scripting
A Stored Cross Site Scripting XSS vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. id: CVE-2021-46068 info: name: Vehicle Service Management System - Stored Cross-Site Scripting author: TenBird severity: medium description: | A Stored Cross...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by server-side request forgery
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by server-side request forgery CVE-2026-9006 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Version...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by an authentication bypass vulnerability
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by an authentication bypass vulnerability CVE-2026-10845 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities CVE-2026-8646, CVE-2026-9320, CVE-2026-9071 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...
Prototype Pollution axios Dependency in Jira Service Management Data Center and Server
This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service Management Data Center and Server...
RCE (Remote Code Execution) axios Dependency in Jira Service Management Data Center
This High severity RCE Remote Code Execution vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score ...
DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Service Management Data Center
This High severity DoS Denial of Service vulnerability was introduced in versions 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 a...
HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Service Management Data Center
This is a vulnerability in a non-Atlassian Jira dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service Management Data Center. This HT...
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...
CVE-2025-31985
HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...
CVE-2025-31974
HCL BigFix Service Management SM is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes...
CVE-2025-31983
HCL BigFix Service Management SM is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting XSS and potential exposure of sensitive information...
CVE-2025-31984
HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...
CVE-2025-31975
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
CVE-2025-31982
HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...
CVE-2025-31959
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...