Lucene search
K

40 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 7:28 p.m.16 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin CVE-2026-8834, CVE-2026-8852, CVE-2026-8856, CVE-2026-8850, CVE-2026-8854, CVE-2026-8855, CVE-2026-8835,...

9.8CVSS5.9AI score0.00488EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.18 views

PT-2026-41277

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in all versions up to, and including, 9.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

4.9CVSS5.9AI score0.00355EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/04/01 8:54 p.m.3 views

CVE-2026-4820 IBM Maximo Application Suite was vulnerable to because Cookie ltpatoken2_<workspace_name> was not set with secure flag

IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to th...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 8:54 p.m.12 views

CVE-2026-4820

CVE-2026-4820 affects IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10, where authorization tokens or session cookies are not marked with the Secure attribute. This can allow an unauthenticated attacker to steal cookie values by directing users to an http link and monitoring traffic, enablin...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/26 9:42 p.m.23 views

CVE-2026-33674

PrestaShop versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. The issue is addressed by a fix in 8.2.5 and 9.1.0; no public workarounds are listed. Upgrading to 8.2.5, 9.1.0, or newer versions is recommended. The available documents do not provide exploit details or in-the...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.5 views

CVE-2025-69324 WordPress NEX-Forms plugin <= 9.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

5.3AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.8 views

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the versions of Yokogawa FAST/TOOLS from R9.01 to R10.04. These vulnerabilities stem from the possibility of physical paths being...

6.9CVSS5.8AI score0.00261EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/04 11:31 a.m.7 views

WordPress NEX-Forms plugin <= 9.1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin NEX-Forms versions = 9.1.7...

7.1CVSS5.3AI score0.00244EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/21 6:5 p.m.5 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (Nov 2025)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

5.4AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/19 9:53 p.m.5 views

WordPress Newsletter - Send awesome emails from WordPress plugin <= 9.1.0 - Cross-Site Request Forgery to Newsletter Unsubscription vulnerability

WordPress Newsletter - Send awesome emails from WordPress plugin = 9.1.0 - Cross-Site Request Forgery to Newsletter Unsubscription vulnerability discovered by WordFence in WordPress Plugin Newsletter versions = 9.1.0...

4.3CVSS5.5AI score0.00104EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.7 views

TIM BPM Suite和TIM FLOW 安全漏洞

TIM BPM Suite and TIM FLOW are both business process management software from TIM Germany. A security vulnerability exists in TIM BPM Suite and TIM FLOW versions 9.1.2 and earlier, which stems from an authorization bypass that could lead to elevated privileges and information disclosure...

5.4CVSS6.4AI score0.00195EPSS
Exploits0References3
CVE
CVE
added 2025/11/17 8:47 p.m.17 views

CVE-2025-36118

IBM Storage Virtualize versions 8.4, 8.5, 8.7, and 9.1 are affected by CVE-2025-36118 due to an information disclosure flaw in the IKEv1 Security Association negotiation, allowing remote attackers to read sensitive memory data. The root cause is an IKEv1 implementation issue (heap/memory handling...

7.5CVSS6AI score0.00322EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/27 12:58 p.m.7 views

Security Bulletin: IBM OpenPages fixes form-data package vulnerability

Summary Vulnerability in the form-data package with IBM OpenPages has been addressed in the latest IBM OpenPages fix pack version for 8.3, 9.0 and mod version for 9.1 Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...

9.4CVSS6.7AI score0.01735EPSS
Exploits1Affected Software1
OSV
OSV
added 2025/10/16 5:15 p.m.2 views

CVE-2025-36128

IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS5.8AI score0.00495EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/03 11:0 p.m.7 views

WordPress Woo superb slideshow transition gallery with random effect plugin <= 9.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin Woo superb slideshow transition gallery with random effect versions = 9.1...

6.5CVSS7.7AI score0.00258EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28065

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00181EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/18 4:37 p.m.4 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (July 2025)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

6.7AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/09/15 3:31 p.m.9 views

CVE-2025-36082 IBM OpenPages information disclosure

IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system...

4CVSS0.0012EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/14 3:13 p.m.5 views

Security Bulletin: IBM HTTP Server, which is bundled with WebSphere Remote Server, is affected by a security bypass vulnerability (CVE-2025-54090)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

6.3CVSS6.7AI score0.00691EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/02/19 10:31 a.m.1 views

mysql: MySQL Server: Unauthorized Data Modification and Read Access Vulnerability

A flaw was found in MySQL Server. This vulnerability allows a low privileged attacker with network access via multiple protocols to achieve unauthorized data modification and read access to a subset of MySQL Server's accessible data...

5.4CVSS6.6AI score0.00481EPSS
Exploits0References5
Rows per page
Query Builder