Lucene search
+L

343 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/04/08 8:59 p.m.33 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere BigInsights, including Broken security fixes in IBM Java and IBM SDK, Java Technology Edition Quarterly CPU - Apr 2016 (CVE-2016-0264, CVE-2016-0363)

Summary Security vulnerabilities have been identified in IBM SDK Java™ Technology Edition shipped with IBM InfoSphere BigInsights. Information about security vulnerabilities affecting IBM SDK Java has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-0264 DESCRIPTION: A...

9.3CVSS0.9AI score0.04382EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/08 8:59 p.m.14 views

Security Bulletin: Security vulnerabilities have been identified in IBM SDK Java™ Technology Edition shipped with IBM InfoSphere BigInsights.

Summary Security vulnerabilities have been identified in IBM SDK Java™ Technology Edition shipped with IBM InfoSphere BigInsights. Information about security vulnerabilities affecting IBM SDK Java has been published in a security bulletin. Vulnerability Details Please consult the security bulleti...

2AI score
Exploits0Affected Software1
Prion
Prion
added 2021/03/31 6:15 p.m.22 views

Code injection

On all 7.x versions fixed in 8.0.0, when set up for auto failover, a BIG-IQ Data Collection Device DCD cluster member that receives an undisclosed message may cause the corosync process to abort. This behavior may lead to a denial-of-service DoS and impact the stability of a BIG-IQ high...

5CVSS7.5AI score0.00973EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/19 6:42 a.m.40 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Oct 2020 CPU (CVE-2020-14782)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by 4.1.0.0 to 4.1.0.3 and Version 8 used by 4.1.0.4 to 4.1.0.6 of IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in Oct 2020. Vulnerabili...

4.3CVSS0.2AI score0.02272EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/03/11 12:0 a.m.14 views

PRTG Network Monitor 7.x - 22.1.75.1569 XSS Vulnerability

PRTG Network Monitor is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

5.4CVSS6AI score0.02857EPSS
Exploits3References3
Prion
Prion
added 2021/02/18 8:15 p.m.17 views

Design/Logic Flaw

The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory...

4.6CVSS7.6AI score0.00265EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/01/29 7:15 p.m.15 views

Cross site scripting

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'pho:title' attribute of 'dashboardXml' parameter...

3.5CVSS5.7AI score0.0062EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/01/29 6:41 p.m.23 views

CVE-2020-24665

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service DoS condition. Specifically, the vulnerability lies in the 'dashboardXml' parameter. Remediated in ...

6.5AI score0.01089EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/15 12:0 a.m.47 views

Security update for nodejs10 (moderate)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:0065-1 Rating: moderate References: 1179491 1180553 1180554 Cross-References: CVE-2020-1971 CVE-2020-8265 CVE-2020-8287 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...

8.1CVSS6.4AI score0.16296EPSS
Exploits6References3
OSV
OSV
added 2021/01/11 2:1 p.m.8 views

SUSE-SU-2021:0060-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

8.1CVSS6.2AI score0.16296EPSS
Exploits6References7
CNNVD
CNNVD
added 2021/01/01 12:0 a.m.9 views

Drupal REST/JSON Security Vulnerability

Drupal is an open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal REST/JSON project 7.x-1.x that allows user registration bypass...

9.8CVSS7.3AI score0.0118EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/01 12:0 a.m.10 views

Drupal REST/JSON Security Vulnerability

Drupal is an open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal REST/JSON project 7.x-1.x that allows users to enumerate...

7.5CVSS7.1AI score0.01045EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/11/20 12:0 a.m.63 views

Drupal 7.x < 7.74 / 8.x < 8.8.11 / 8.9.x < 8.9.9 / 9.0.x < 9.0.8 RCE (SA-CORE-2020-012)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.74, 8.x prior to 8.8.11, 8.9.x prior to 8.9.9, or 9.0.x prior to 9.0.8. It is, therefore, affected by a remote code execution vulnerability in its file upload functionality due to a...

8.8CVSS8.6AI score0.04304EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/21 9:43 a.m.38 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - CVE-2020-2601 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. CVE-2020-2601 was disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...

6.8CVSS1AI score0.04196EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/07/28 12:0 a.m.27 views

Debian: Security Advisory (DLA-2291-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.02305EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.40 views

Security Bulletin: Java Vulnerability Impacts IBM Control Center

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. The issue was disclosed as part of the IBM Java SDK update in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability...

7.4CVSS1.3AI score0.03966EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.41 views

Security Bulletin: Java Vulnerability Impacts IBM Control Center (CVE-2018-1656)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. This issue was disclosed as part of the IBM Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-1656 DESCRIPTION:The IBM Java Runtime...

7.4CVSS1.4AI score0.04513EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/19 3:0 p.m.40 views

Security Bulletin: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.

Summary here are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified...

7.2CVSS1.1AI score0.04202EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/28 9:12 p.m.16 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products an...

1AI score
Exploits0Affected Software1
CVE
CVE
added 2020/05/14 1:0 a.m.106 views

CVE-2020-5576

Movable Type CSRF (CVE-2020-5576) affects Movable Type and related products across multiple versions (MT 7 r.4606/7.2.1 and older; MT 6.5/6.3 series; MT Advanced and Premium variants; MT for AWS). Root cause described as a Cross‑site Request Forgery vulnerability that allows remote attackers to h...

8.8CVSS8.8AI score0.00843EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder