Lucene search
K

35 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-7861

Malicious code in bioql PyPI...

8.8CVSS7AI score0.00826EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/17 1:11 p.m.62 views

Security Bulletin: There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25881)

Summary There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a...

7.5CVSS6.9AI score0.01613EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 9:35 a.m.28 views

Security Bulletin: There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25927)

Summary There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25927 DESCRIPTION: Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression...

7.5CVSS6.2AI score0.01725EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 9:33 a.m.25 views

Security Bulletin: There is a security vulnerability in Node.js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-33987)

Summary There is a security vulnerability in Node.js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-33987 DESCRIPTION: Node.js got module could allow a remote attacker to bypass security restrictions, caused by an unspecified. B...

5.3CVSS6.2AI score0.01855EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 9:32 a.m.32 views

Security Bulletin: There is a security vulnerability in Node.js create-choo-electron module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25908)

Summary There is a security vulnerability in Node.js create-choo-electron module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-25908 DESCRIPTION: Node.js create-choo-electron module could allow a remote attacker to execute arbitrary...

9.8CVSS8.8AI score0.01547EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/28 1:29 p.m.31 views

Security Bulletin: There is a security vulnerability in TinyMCE used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-23494)

Summary There is a security vulnerability in TinyMCE used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-23494 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote...

6.1CVSS5.8AI score0.00939EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/11 3:15 p.m.60 views

Security Bulletin: IBM Maximo For Civil infrastructure is vulnerable to a remote code execution in Spring Framework (CVE-2022-22965)

Summary IBM Maximo For Civil infrastructure is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast t...

9.8CVSS2.6AI score0.99677EPSS
Exploits100Affected Software1
CNVD
CNVD
added 2021/03/16 12:0 a.m.5 views

Unspecified Vulnerability in IBM Maximo for Civil Infrastructure

IBM Maximo Anywhere is a suite of next-generation mobile solutions from IBM USA built on the IBM Worklight platform. The solution supports remote access to IBM Maximo Asset Management a comprehensive asset lifecycle and maintenance management solution workflow and asset management via mobile...

8.8CVSS6.7AI score0.00826EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/19 12:0 a.m.5 views

IBM Maximo for Civil Infrastructure Information Disclosure Vulnerability

IBM Maximo for Civil Infrastructure integrates inspection, defect tracking and maintenance activities to help organizations improve asset life, keep critical systems up and running and reduce the total cost of ownership of civil infrastructure. An information disclosure vulnerability exists in IB...

6.5CVSS6.2AI score0.01139EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/19 12:0 a.m.7 views

IBM Maximo for Civil Infrastructure Cross-Site Scripting Vulnerability (CNVD-2021-11050)

IBM Maximo for Civil Infrastructure integrates inspection, defect tracking and maintenance activities to help organizations improve asset life, keep critical systems up and running and reduce the total cost of ownership of civil infrastructure. A cross-site scripting vulnerability exists in IBM...

6.1CVSS6.1AI score0.00661EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/19 12:0 a.m.9 views

IBM Maximo for Civil Infrastructure Cross-Site Scripting Vulnerability

IBM Maximo for Civil Infrastructure integrates inspection, defect tracking and maintenance activities to help organizations improve asset life, keep critical systems up and running and reduce the total cost of ownership of civil infrastructure. A cross-site scripting vulnerability exists in IBM...

5.4CVSS6.1AI score0.00502EPSS
Exploits0References1
OSV
OSV
added 2021/02/18 3:15 p.m.4 views

CVE-2021-20443

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...

8.8CVSS5.8AI score0.00826EPSS
Exploits0References2
NVD
NVD
added 2021/02/18 3:15 p.m.11 views

CVE-2021-20443

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality such as a library from a source that is outside of the intended control sphere. IBM X-Force ID: 196619...

8.8CVSS0.00826EPSS
Exploits0References2
OSV
OSV
added 2021/02/18 3:15 p.m.3 views

CVE-2021-20446

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622...

5.4CVSS5.4AI score0.00502EPSS
Exploits0References2
OSV
OSV
added 2021/02/18 3:15 p.m.3 views

CVE-2021-20445

IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. IBM X-Force ID: 196621...

6.5CVSS5.8AI score0.01139EPSS
Exploits0References2
OSV
OSV
added 2021/02/18 3:15 p.m.4 views

CVE-2021-20444

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196620...

6.1CVSS6AI score0.00661EPSS
Exploits0References2
NVD
NVD
added 2021/02/18 3:15 p.m.14 views

CVE-2021-20446

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622...

5.4CVSS0.00502EPSS
Exploits0References2
NVD
NVD
added 2021/02/18 3:15 p.m.12 views

CVE-2021-20444

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196620...

6.1CVSS0.00661EPSS
Exploits0References2
NVD
NVD
added 2021/02/18 3:15 p.m.19 views

CVE-2021-20445

IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. IBM X-Force ID: 196621...

6.5CVSS0.01139EPSS
Exploits0References2
Prion
Prion
added 2021/02/18 3:15 p.m.18 views

Design/Logic Flaw

IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. IBM X-Force ID: 196621...

4CVSS6.1AI score0.01139EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder