CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42763

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An issue in syslink software AG Avantra on Linux and Windows allows the use of common or default usernames and passwords to gain unauthorized access. Recommendations Update to version 25.3.0 or late...

5.1CVSS5.8AI score0.00014EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-58802

Malicious code in bioql PyPI...

7.5CVSS7AI score0.00067EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 8:39 a.m.•5 views

CVE-2024-23733

The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before CoreFix7 allows remote attackers to reach the administration panel and discover hostname and version information by sending an arbitrary username and a blank password to the...

7.5CVSS7.1AI score0.18099EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 2:6 a.m.•4 views

CVE-2023-6578

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...

7.5CVSS6.9AI score0.00067EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:9 p.m.•3 views

CVE-2020-35469

The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote attacker to achieve root access with a blank password...

10CVSS7.3AI score0.02014EPSS

Exploits0

NVD•added 2025/01/29 10:15 p.m.•10 views

CVE-2024-23733

7.5CVSS0.18099EPSS

Exploits1References1

Positive Technologies•added 2025/01/29 12:0 a.m.•5 views

PT-2025-2365 · Software Ag · Webmethods

Name of the Vulnerable Software and Affected Versions: Software AG webMethods versions 10.15.0 before Core Fix7 Description: The issue allows remote attackers to reach the administration panel and discover hostname and version information by sending an arbitrary username and a blank password to t...

7.5CVSS7.5AI score0.18099EPSS

Exploits1References6

Vulnrichment•added 2025/01/29 12:0 a.m.•6 views

CVE-2024-23733

7.6AI score0.18099EPSS

Exploits1References1

Cvelist•added 2025/01/29 12:0 a.m.•11 views

CVE-2024-23733

0.18099EPSS

Exploits1References1

CVE•added 2025/01/29 12:0 a.m.•57 views

CVE-2024-23733

Software AG webMethods 10.15.0 is affected by CVE-2024-23733 due to an authentication bypass on the admin login page. The vulnerability exists in the WmAdmin login endpoint (/WmAdmin/#/login/) and allows remote attackers to reach the administration panel and reveal hostname and version informatio...

7.5CVSS6.8AI score0.18099EPSS

Exploits1References1

CNNVD•added 2025/01/29 12:0 a.m.•2 views

Software AG webMethods 安全漏洞

Software AG webMethods is Software AG's suite of integration and application development tools used to help organizations with tasks such as application integration, data integration, business process management, and application development. webMethods is designed to help organizations better...

7.5CVSS6.8AI score0.18099EPSS

Exploits1References2

Packet Storm•added 2024/04/01 12:0 a.m.•415 views

ARIS: Business Process Management 10.0.21.0 Cross Site Scripting

Exploit Title: Stored Cross-Site Scripting XSS in ARIS: Business Process Management Edition Version 10.0.21.0 Exploit Author: Seid Yassin Date: 2024-03-28 Vendor: Software AG Software Link: https://aris.com/ Version: ARIS: Business Process Management Description: Discovered a file upload feature...

7.4AI score

Exploits0

OSV•added 2023/12/07 9:15 p.m.•1 views

CVE-2023-6578

6.5CVSS5.4AI score

Exploits0References2

NVD•added 2023/12/07 9:15 p.m.•8 views

CVE-2023-6578

7.5CVSS0.00067EPSS

Exploits0References2

Prion•added 2023/12/07 9:15 p.m.•10 views

Improper access control

7.5CVSS7.1AI score0.00067EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/07 9:0 p.m.•63 views

CVE-2023-6578

Summary (CVE-2023-6578) : Software AG WebMethods versions 10.11.x–10.15.x are affected by an access-control vulnerability in the wm.server/connect/ area. The issue allows remote access by manipulating access controls, potentially exposing internal IPs, ports, and versions when visiting /invoke/wm...

7.5CVSS6.7AI score0.00067EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/12/07 9:0 p.m.•9 views

CVE-2023-6578 Software AG WebMethods access control

7.5CVSS7.4AI score0.00067EPSS

Exploits0References2

CNNVD•added 2023/12/07 12:0 a.m.•1 views

Software AG webMethods Access Control Error Vulnerability

7.5CVSS6.9AI score0.00067EPSS

Exploits0References3

Cvelist•added 2023/09/06 5:27 p.m.•15 views

CVE-2023-0925 Software AG webMethods OneData Deserialization Vulnerability

Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...

9.6AI score0.00248EPSS

Exploits0References1

CNNVD•added 2023/03/25 12:0 a.m.•1 views

Software AG webMethods 代码问题漏洞

9.8CVSS8.3AI score0.00248EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by