
122 matches found

IBM Security Bulletins
added 3 days ago | 5 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary: There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2026-44664 DESCRIPTION: fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using...

CVSS 6.1 | AI score 5.9 | EPSS 0.00012
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 3 days ago | 6 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary: There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2026-41238 DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype...

CVSS 6.9 | AI score 5.8 | EPSS 0.00059
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/04/28 1:06 p.m. | 8 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary: There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2026-33151 DESCRIPTION: Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prio...

CVSS 9.8 | AI score 7.4 | EPSS 0.0008
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/04/16 3:15 p.m. | 3 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary: There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial...

CVSS 8.7 | AI score 5.8 | EPSS 0.00019
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/11/26 10:31 a.m. | 19 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java and Node.js

Summary: There are multiple vulnerabilities in Java and Node.js used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2025-57353 DESCRIPTION: The Runtime components of messageformat package for Node.js before 3.0.2 contain a prototype pollution vulnerability. Due to insufficient...

CVSS 7.5 | AI score 6.4 | EPSS 0.00469
Exploits: 2 | Affected Software: 1

EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2025-26622

Malicious code in bioql PyPI...

CVSS 8.4 | AI score 6.5 | EPSS 0.00016
Exploits: 0 | References: 2

IBM Security Bulletins
added 2025/09/24 2:59 p.m. | 4 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary: There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details: CVEID: CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of...

CVSS 8.1 | AI score 6.6 | EPSS 0.02123
Exploits: 1 | Affected Software: 1

RedhatCVE
added 2025/09/05 8:08 p.m. | 2 views

CVE-2025-36193

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...

CVSS 8.4 | AI score 6.8 | EPSS 0.00016
Exploits: 0 | References: 1

OSV
added 2025/09/03 7:15 p.m. | 0 views

CVE-2025-36193

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...

CVSS 6.7 | AI score 5.8
Exploits: 0 | References: 1

Cvelist
added 2025/09/03 7:00 p.m. | 4 views

CVE-2025-36193 IBM Transformation Advisor incorrect permissions

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...

CVSS 8.4 | EPSS 0.00016
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/03 7:00 p.m. | 1 view

CVE-2025-36193 IBM Transformation Advisor incorrect permissions

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...

CVSS 8.4 | AI score 6.2 | EPSS 0.00016
Exploits: 0 | References: 1

IBM Security Bulletins
added 2025/09/03 6:01 p.m. | 4 views

Security Bulletin: IBM Transformation Advisor is affected by a vulnerability found in a container (CVE-2025-36193)

Summary: IBM Transformation Advisor is vulnerable to a privilege escalation vulnerability inside a container running the IBM Transformation Advisor Operator Catalog image. Vulnerability Details: CVEID: CVE-2025-36193 DESCRIPTION: IBM Transformation Advisor incorrectly assigns privileges to security...

CVSS 8.4 | AI score 6.8 | EPSS 0.00016
Exploits: 0 | Affected Software: 1

Positive Technologies
added 2025/09/03 12:00 a.m. | 2 views

PT-2025-35826

Name of the Vulnerable Software and Affected Versions: IBM Transformation Advisor versions 2.0.1 through 4.3.1. Description: IBM Transformation Advisor incorrectly assigns privileges to security critical files. This could allow a local root escalation within a container running the IBM Transformatio...

CVSS 8.4 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 6

CNNVD
added 2025/09/03 12:00 a.m. | 0 views

IBM Transformation Advisor security vulnerability

IBM Transformation Advisor is an application modernization separation and migration assessment tool from International Business Machines (IBM). A security vulnerability exists in IBM Transformation Advisor versions 2.0.1 through 4.3.1, which stems from an improper assignment of privileges and could...

CVSS 8.4 | AI score 6.3 | EPSS 0.00016
Exploits: 0 | References: 1

IBM Security Bulletins
added 2025/08/28 3:51 p.m. | 4 views

Security Bulletin: IBM Transformation Advisor is affected by vulnerability found in Node.js (CVE-2025-7338)

Summary: There is a vulnerability in Node.js used by IBM Transformation Advisor. The issues have been addressed in an update. Vulnerability Details: CVEID: CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version...

CVSS 7.5 | AI score 9.1 | EPSS 0.0004
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/08/18 10:29 a.m. | 7 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple vulnerabilities found in Java and Node.js (CVE-2025-48924, CVE-2025-4949)

Summary: There are multiple vulnerabilities in Java and Node.js used by IBM Cloud Transformation Advisor. Vulnerability Details: CVEID: CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

CVSS 6.8 | AI score 7.4 | EPSS 0.00197
Exploits: 1 | Affected Software: 1

RedhatCVE
added 2025/05/23 12:53 a.m. | 4 views

CVE-2022-41299

IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

CVSS 5.4 | AI score 6.1 | EPSS 0.0053
Exploits: 0 | References: 1

IBM Security Bulletins
added 2025/05/06 9:46 a.m. | 24 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a vulnerability found in Node.js

Summary: There is a vulnerability in Node.js used by IBM Cloud Transformation Advisor (CVE-2024-57699). Vulnerability Details: CVEID: CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number...

CVSS 7.5 | AI score 6.9 | EPSS 0.00058
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/29 2:35 a.m. | 83 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary: IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details: CVEID: CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the ChrootOS...

CVSS 9.8 | AI score 10 | EPSS 0.04945
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:54 a.m. | 47 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary: There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor. Vulnerability Details: CVEID: CVE-2024-22020 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary code on the system. By embedding...

CVSS 8 | AI score 10 | EPSS 0.01561
Exploits: 6 | Affected Software: 1