CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

ATTACKERKB•added 2026/02/17 9:49 p.m.•4 views

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS5.5AI score0.00012EPSS

Exploits0References2Affected Software1

NVD•added 2026/02/17 8:22 p.m.•4 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS0.00049EPSS

Exploits0References1

ATTACKERKB•added 2026/02/17 7:6 p.m.•3 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS5.5AI score0.00049EPSS

Exploits0References2Affected Software1

CNNVD•added 2025/06/30 12:0 a.m.•1 views

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing, and moving application environments across hybrid clouds. A security vulnerability exists in IBM Cloud Pak...

5.4CVSS6.6AI score0.00093EPSS

Exploits0References2

IBM Security Bulletins•added 2024/10/30 10:22 a.m.•35 views

Security Bulletin: Unspecified Vulnerability in IBM Java SDK affect Cloud Pak System [CVE-2023-22045, CVE-2023-22049]

Summary Unspecified Vulnerability in IBM Java SDK affect WebSphere Application Server Patterns shipped with Cloud Pak System. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low...

3.7CVSS5AI score0.00141EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/10/29 10:37 a.m.•50 views

Security Bulletin: Multiple Vulnerabilities in http-server affect Cloud Pak System

Summary Multiple Vulnerabilities in http-server affect Cloud Pak System. Vulnerability Details CVEID:CVE-2024-38474 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by a substitution encoding issue in modrewrite. By sending a specially...

9.8CVSS8.4AI score0.93858EPSS

Exploits3Affected Software1

OSV•added 2022/06/27 5:15 p.m.•1 views

CVE-2022-2140

Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters...

9CVSS7.5AI score0.00362EPSS

Exploits0References1

Positive Technologies•added 2022/06/23 12:0 a.m.•3 views

PT-2022-3471 · Elcomplus · Elcomplus Smartics

Name of the Vulnerable Software and Affected Versions: Elcomplus SmartICS version 2.3.4.0 Description: The issue is related to insufficient filename validation, which allows authenticated administrator-level users to perform path traversal attacks and specify arbitrary files. This can be exploite...

5.5CVSS3.9AI score0.00215EPSS

Exploits0References6

CNNVD•added 2022/06/23 12:0 a.m.•2 views

Elcomplus SmartICS 安全漏洞

Elcomplus LLC SmartICS is a builder for top-level visualization of industrial automation systems from Elcomplus LLC. An access control error vulnerability exists in Elcomplus LLC SmartICS version 2.3.4.0. An authenticated attacker with administrator privileges can exploit this vulnerability to be...

6.8CVSS5.6AI score0.00128EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by