CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

475 matches found

Cvelist•added 2023/02/22 12:0 a.m.•9 views

CVE-2022-29273

pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters...

6.2AI score0.09435EPSS

Exploits0References3

IBM Security Bulletins•added 2023/02/07 2:42 a.m.•31 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2023-23477)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS9.1AI score0.00165EPSS

Exploits0Affected Software1

OSV•added 2023/01/27 10:15 p.m.•1 views

CVE-2022-39811

Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it allows an attacker to view pages that are not allowed, and modify the system configuration, bypassin...

9.1CVSS5.8AI score0.00197EPSS

Exploits1References1

Prion•added 2023/01/27 10:15 p.m.•12 views

Path traversal

Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request not possible using the GUI to an arbitrary directory. Because th...

5CVSS7.4AI score0.01208EPSS

Exploits1References1Affected Software1

Prion•added 2023/01/27 10:15 p.m.•13 views

Information disclosure

6.4CVSS9.1AI score0.00197EPSS

Exploits1References1Affected Software1

CVE•added 2023/01/27 12:0 a.m.•44 views

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 is affected by an Absolute Path Traversal vulnerability in NMSCI-WebGui/SaveFileUploader. An unauthenticated attacker can upload files to an arbitrary path by changing the uploadDir parameter in a POST request (GUI cannot do this), potentially leading to unaut...

7.5CVSS7.3AI score0.01208EPSS

Exploits1References1Affected Software1

IBM Security Bulletins•added 2022/12/06 6:19 a.m.•12 views

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - October 2022 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.8AI score

Exploits0Affected Software1

IBM Security Bulletins•added 2022/12/02 6:37 a.m.•23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-38712)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

5.9CVSS5.8AI score0.00073EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/12/02 6:16 a.m.•21 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-40750)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-40750 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

5.4CVSS5.5AI score0.00655EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/11/21 8:41 p.m.•46 views

Security Bulletin: A security vulnerability has been identified in IBM Jazz for Service Management shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-35722)

Summary IBM Jazz for Service Management JazzSM is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting JazzSM has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-35722 DESCRIPTION: IBM Jazz for Service Management...

5.4CVSS5.5AI score0.0033EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/11/21 8:12 p.m.•38 views

Security Bulletin: A security vulnerability has been identified in IBM Jazz for Service Management shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-35721)

Summary IBM Jazz for Service Management JazzSM is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting JazzSM has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

5.4CVSS5.3AI score0.0053EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/10/06 4:9 a.m.•56 views

Security Bulletin: Multiple vulnerabilities in React, webpack and Node.js modules affect Tivoli Netcool/OMNIbus WebGUI

Summary Fix is available for vulnerabilities in React, webpack and Node.js modules affecting Tivoli Netcool/OMNIbus WebGUI. The modules are used by Tivoli Netcool/OMNIbus WebGUI as part of its web client components. The fix updates the modules to the fixed versions. Vulnerability Details...

9.8CVSS10AI score0.84982EPSS

Exploits16Affected Software1

IBM Security Bulletins•added 2022/09/28 8:0 a.m.•27 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-35282)

6.5CVSS5.2AI score0.00132EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/09/14 4:48 a.m.•23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-34336)

5.4AI score0.0053EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/09/14 4:44 a.m.•29 views

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI due to July 2022 CPU plus deferred CVE-2021-2163

6.3AI score0.00081EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/09/02 4:39 a.m.•41 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-22477)

6.1CVSS6.2AI score0.00532EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/09/02 4:36 a.m.•48 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-22365)

5.9CVSS5.6AI score0.0024EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/09/02 4:35 a.m.•34 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2021-45105, CVE-2021-44832)

8.5CVSS8.6AI score0.74016EPSS

Exploits22Affected Software1

IBM Security Bulletins•added 2022/09/02 4:33 a.m.•53 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2021-39038)

5.4CVSS5AI score0.00039EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/07/21 3:38 a.m.•10 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-22473)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-22473 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

5.3CVSS4.5AI score0.00164EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by