Lucene search

18 matches found

IBM Security Bulletins
added 2025/04/28 10:59 a.m., 26 views

Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)

Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...

7.5 CVSS, 7.3 AI score, 0.00682 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2024/06/25 9:8 a.m., 33 views

Security Bulletin: IBM Event Streams is vulnerable to a cross-site request forgery due to the Axios component (CVE-2023-45857).

Summary IBM Event Streams is vulnerable to XSS vulnerability due to Axios component. Axios is a promise-based HTTP library that lets developers make requests to either their own or a third-party server to fetch data. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to...

6.5 CVSS, 6.4 AI score, 0.00556 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2023/12/11 6:42 p.m., 27 views

Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway

Summary Security Vulnerabilities in axios affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOK...

6.5 CVSS, 7.1 AI score, 0.00556 EPSS
Exploits: 1, Affected Software: 1

Prion
added 2020/04/15 2:15 p.m., 8 views

Design/Logic Flaw

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 - 8.0.8. Easily exploitable vulnerability allows low privileged attacker with network...

5.5 CVSS, 6.3 AI score, 0.01051 EPSS
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2020/04/15 2:15 p.m., 12 views

Design/Logic Flaw

Vulnerability in the Oracle Financial Services Funds Transfer Pricing product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...

5.5 CVSS, 6.3 AI score, 0.01051 EPSS
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2020/01/15 5:15 p.m., 11 views

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

5.5 CVSS, 6.7 AI score, 0.01123 EPSS
Exploits: 0, References: 1, Affected Software: 1

RedhatCVE
added 2019/01/16 2:28 p.m., 30 views

CVE-2019-2534

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...

7.1 CVSS, 6.1 AI score, 0.02113 EPSS
Exploits: 0, References: 4

Prion
added 2018/10/17 1:31 a.m., 17 views

Buffer overflow

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.8 CVSS, 6.8 AI score, 0.01859 EPSS
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2018/10/17 1:0 a.m., 10 views

CVE-2018-3233

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.3 AI score, 0.01466 EPSS
Exploits: 0, References: 2

NVD
added 2018/07/18 1:29 p.m., 21 views

CVE-2018-3009

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

7.1 CVSS, 6.4 AI score, 0.02336 EPSS
Exploits: 0, References: 3

Vulnrichment
added 2018/07/18 1:0 p.m., 15 views

CVE-2018-3097

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

6.6 AI score, 0.01769 EPSS
Exploits: 0, References: 3

Vulnrichment
added 2018/07/18 1:0 p.m., 10 views

CVE-2018-3103

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

6.6 AI score, 0.01489 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2018/07/18 1:0 p.m., 11 views

CVE-2018-3009

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

6.6 AI score, 0.02336 EPSS
Exploits: 0, References: 3

AlpineLinux
added 2018/07/18 1:0 p.m., 65 views

CVE-2018-3064

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

7.1 CVSS, 6.9 AI score, 0.03162 EPSS
Exploits: 0

Vulnrichment
added 2017/08/08 3:0 p.m., 10 views

CVE-2017-10085

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily exploitable vulnerability allows low privileg...

6.5 AI score, 0.0159 EPSS
Exploits: 0, References: 3

Packet Storm
added 2017/02/14 12:0 a.m., 79 views

Riverbed RiOS Insecure Cryptographic Storage

Riverbed RiOS insecure cryptographic storage CVE-2017-5670 Description Riverbed Steelhead hardware appliances are used to optimize and accelerate network traffic. There can be implemented as TLS endpoints, so they have a secure vault aimed to store private TLS certificates for servers. The secure...

0.0042 EPSS
Exploits: 1

0day.today
added 2016/04/06 12:0 a.m., 35 views

SocialEngine 4.8.9 - SQL Injection

Exploit for php platform in category web applications Product: SocialEngine Vendor: Webligo Vulnerable Versions: 4.8.9 and probably prior Tested Version: 4.8.9 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: April 6, 2016...

7.1 AI score
Exploits: 0

ICS
added 2013/05/25 6:0 a.m., 34 views

Top Server OPC Improper Input Validation Vulnerability

OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Software Toolbox TOP Server DNP Master OPC product. Software Toolbox has produced a new version that mitigates this vulnerability. The researchers have test...

7.1 CVSS, 6.2 AI score, 0.0126 EPSS
Exploits: 0, References: 10