Lucene search
K

97 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 3 : jakarta-commons-httpclient-3.0-7jpp.4.AXS3 (AXSA:2014-519:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-519:01 advisory. Description : The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled...

5.8CVSS6.4AI score0.09149EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:53 a.m.31 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

7.5CVSS9.3AI score0.19312EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2014-3577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the...

5.8CVSS7AI score0.09149EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 10:51 a.m.48 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

7.5CVSS10AI score0.09149EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/19 11:50 a.m.41 views

Security Bulletin: IBM Db2 and IBM Java SDK used by IBM Security Verify Governance - Identity Manager have multiple vulnerabilities

Summary Information about security vulnerabilities affecting IBM DB2 and IBM Java has been published in security bulletins. IBM Security Verify Governance - Identity Manager ships with IBM DB2 and IBM Java SDK. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

8.4CVSS7.9AI score0.09149EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 12:58 p.m.51 views

Security Bulletin: Vulnerabilities in Apache HttpComponents affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2012-6153, CVE-2014-3577, CVE-2020-13956)

Summary IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments Data Protection for VMware only, and IBM Storage Protect for Space Management can be affected by a vulnerability in Apache HttpComponents. The vulnerability can lead to spoofing attacks, bypass of...

5.8CVSS5.7AI score0.09149EPSS
Exploits2Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 1:33 p.m.38 views

Security Bulletin: Multiple Vulnerabilities found in IBM DB2 which is shipped with IBM® Intelligent Operations Center(CVE-2022-43929, CVE-2022-43927, CVE-2014-3577, CVE-2022-43930)

Summary Multiple vulnerabilities have been identified in IBM DB2 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

7.5CVSS7AI score0.09149EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/14 3:55 p.m.22 views

Security Bulletin: Multiple Vulnerabilities of Apache HttpClient have affected APM Linux KVM Agent

Summary APM Linux KVM Agent is vulnerable to Apache HttpClient vulnerabilities described in220912, CVE-2020-13956. The fix includes httpclient-4.5.jar upgraded to httpclient-4.5.13.jar Vulnerability Details CVEID:CVE-2012-6153 DESCRIPTION: Apache HttpComponents could allow a remote attacker to...

5.8CVSS6.2AI score0.09149EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/10 4:49 p.m.35 views

Security Bulletin: Security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (CVE-2022-43930, CVE-2014-3577, CVE-2022-43927, CVE-2022-43929)

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS6.9AI score0.09149EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/28 7:47 a.m.32 views

Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in Apache HttpClient

Summary Apache HttpClient used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2011-1498, CVE-2012-5783, CVE-2012-6153, CVE-2014-3577,CVE-2015-5262 Vulnerability Details CVEID:CVE-2011-1498 DESCRIPTION: Apache HttpComponents could allow a remote attacker to obtain...

5.8CVSS6.6AI score0.19312EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/21 5:41 p.m.48 views

Security Bulletin: Security vulnerabilities have been identified in IBM DB2 used by IBM Security Verify Governance, Identity Manager virtual appliance component

Summary Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Security Verify...

7.5CVSS7.1AI score0.09149EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.24 views

Debian: Security Advisory (DLA-222-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.9AI score0.09254EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/17 3:44 p.m.99 views

Security Bulletin: Multiple vulnerabilities found with third-party libraries used by IBM® MobileFirst Platform

Summary There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular expression denial of servi...

9.8CVSS9.6AI score0.19312EPSS
Exploits39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/08 2:22 p.m.55 views

Security Bulletin: IBM® Db2® Connect Server is vulnerable due to the use of Apache HttpComponents. (CVE-2014-3577)

Summary IBM® Db2® Connect Server is vulnerable due to the use of Apache HttpComponents. Vulnerability Details CVEID:CVE-2014-3577 DESCRIPTION: Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain...

5.8CVSS6AI score0.09149EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/12 1:16 p.m.65 views

Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack

Summary Apache Commons HttpClient 3.x and few others used do not verify the server hostname in the subject Common Name CN and allows Man-In-The-Middle MITM attack Vulnerability Details CVEID:CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service FPS...

5.8CVSS6.5AI score0.19312EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2014-0348)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.7AI score0.09149EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2014-0557)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.6AI score0.09149EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/11/22 12:0 a.m.36 views

Jenkins Enterprise and Operations Center < 2.249.33.0.1 / 2.277.42.0.1 / 2.303.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-10-06)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.249.x prior to 2.249.33.0.1, 2.277.x prior to 2.277.42.0.1, or 2.x prior to 2.303.2.5. It is, therefore, affected by multiple vulnerabilities, including the following: -...

6.5CVSS6.7AI score0.09149EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/10/08 12:0 a.m.38 views

FreeBSD : jenkins -- Jenkins core bundles vulnerable version of the commons-httpclient library (9bad457e-b396-4452-8773-15bec67e1ceb)

Jenkins Security Advisory : DescriptionMedium SECURITY-2475 / CVE-2014-3577 Jenkins core bundles vulnerable version of the commons-httpclient library %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

5.8CVSS6.3AI score0.09149EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/10/08 12:0 a.m.16 views

Jenkins < 2.303.2, < 2.315 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.4AI score0.09149EPSS
Exploits1References1
Rows per page
Query Builder