
44 matches found

IBM Security Bulletins
added 2025/08/06 4:10 p.m. | 11 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3 Vulnerability Details CVEID:CVE-2013-4660 DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...

CVSS 7.5 | AI score 10 | EPSS 0.99019
Exploits: 18 | Affected Software: 1
CBLMariner
added 2025/05/15 9:13 p.m. | 11 views

CVE-2015-9251 affecting package python-blinker for versions less than 1.7.0-4

CVE-2015-9251 affecting package python-blinker for versions less than 1.7.0-4. An upgraded version of the package is available that resolves this issue...

CVSS 6.1 | AI score 7.3 | EPSS 0.29726
Exploits: 2
IBM Security Bulletins
added 2025/03/26 4:0 a.m. | 56 views

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

CVSS 7.5 | AI score 7.4 | EPSS 0.99019
Exploits: 17 | Affected Software: 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 11 views

Linux Distros Unpatched Vulnerability : CVE-2015-9251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing...

CVSS 6.1 | AI score 7 | EPSS 0.29726
Exploits: 2 | References: 3
CBLMariner
added 2025/02/02 10:12 p.m. | 13 views

CVE-2015-9251 affecting package ceph for versions less than 18.2.2-1

CVE-2015-9251 affecting package ceph for versions less than 18.2.2-1. A patched version of the package is available...

CVSS 6.1 | AI score 7.3 | EPSS 0.29726
Exploits: 2
CBLMariner
added 2024/07/24 1:52 a.m. | 30 views

CVE-2015-9251 affecting package slf4j for versions less than 2.0.7-1

CVE-2015-9251 affecting package slf4j for versions less than 2.0.7-1. An upgraded version of the package is available that resolves this issue...

CVSS 6.1 | AI score 7.2 | EPSS 0.29726
Exploits: 2
Tenable Nessus
added 2024/06/03 12:0 a.m. | 40 views

RHEL 7 : jquery (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 Note that Nessus has not tested for this...

CVSS 6.1 | AI score 7.3 | EPSS 0.29726
Exploits: 2 | References: 1
IBM Security Bulletins
added 2023/05/17 7:40 p.m. | 73 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in JQuery, Node.js and Swagger UI

Summary Multiple vulnerabilities in JQuery, Node.js and Swagger UI used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2021-23358 DESCRIPTION: Node.js underscore module could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the...

CVSS 9.8 | AI score 8.1 | EPSS 0.99019
Exploits: 27 | Affected Software: 1
IBM Security Bulletins
added 2023/02/14 9:14 p.m. | 50 views

Security Bulletin: IBM CICS TX Standard is vulnerable to multiple vulnerabilities in jQuery.

Summary IBM CICS TX Standard is vulnerable to multiple vulnerabilities in jQuery. The fix removes these vulnerabilities from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2012-6708 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

CVSS 6.9 | AI score 7.3 | EPSS 0.99019
Exploits: 12 | Affected Software: 1
IBM Security Bulletins
added 2023/02/01 9:57 p.m. | 89 views

Security Bulletin: Vulnerability in jQuery affects IBM Process Mining (Multiple CVEs)

Summary There are multiple vulnerabilities in JQuery that could allow an attacker to launch cross-site scripting. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2015-9251 DESCRIPTION: jQuer...

CVSS 6.9 | AI score 7 | EPSS 0.99019
Exploits: 15 | Affected Software: 1
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 40 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2015-9251).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery, caused by improper validation of user-supplied input. CVE-2015-9251. jQuery is used by the runtime components included in IBM Watson Speech. Please read the details for...

CVSS 6.1 | AI score 6.6 | EPSS 0.29726
Exploits: 2 | Affected Software: 1
IBM Security Bulletins
added 2023/01/05 3:14 p.m. | 63 views

Security Bulletin: jQuery included in ITNM is vulnerable to Cross-site Scripting (XSS) attacks (multiple vulnerabilities)

Summary Multiple vulnerabilities CVE-2015-9251; CVE-2019-11358; CVE-2020-11022; CVE-2020-11023 found in jQuery that is present in IBM Tivoli Network Manager ITNM IP Edition. jQuery versions before 3.0.0 are vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is perform...

CVSS 6.9 | AI score 6.8 | EPSS 0.99019
Exploits: 15 | Affected Software: 1
OpenVAS
added 2022/12/20 12:0 a.m. | 35 views

Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)

Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.8 | AI score 6.9 | EPSS 0.87218
Exploits: 5 | References: 1
IBM Security Bulletins
added 2022/10/21 10:10 p.m. | 62 views

Security Bulletin: API Connect is vulnerable to JQuery Cross-Site Scripting (XSS) and other vulnerabilities (CVE-2012-6708, CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023)

Summary A vulnerable version of JQuery was used by API Connect. The fix includes updated JQuery which addresses CVE-2012-6708, CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, and CVE-2020-11023. Vulnerability Details CVEID:CVE-2012-6708 DESCRIPTION: jQuery is vulnerable to cross-site scripting,...

CVSS 6.9 | AI score 6.7 | EPSS 0.99019
Exploits: 19 | Affected Software: 1
Tenable Nessus
added 2021/10/27 12:0 a.m. | 58 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ipa Multiple Vulnerabilities (NS-SA-2021-0171)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ipa packages installed that are affected by multiple vulnerabilities: - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causin...

CVSS 6.9 | AI score 6.6 | EPSS 0.99019
Exploits: 17 | References: 21
IBM Security Bulletins
added 2021/07/16 5:54 p.m. | 66 views

Security Bulletin: Multiple vulnerabilities affect IBM Jazz Foundation and IBM Engineering products.

Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Workflow Management EWM, IBM...

CVSS 9.8 | AI score 9 | EPSS 0.99019
Exploits: 15 | Affected Software: 5
OpenVAS
added 2021/04/19 12:0 a.m. | 40 views

SUSE: Security Advisory (SUSE-SU-2020:0737-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7 | EPSS 0.29726
Exploits: 8 | References: 10
Atlassian
added 2021/02/16 6:28 p.m. | 487 views

Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251

Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023, CVE-2020-11022, and CVE-2015-9251. Affected Version/s: 4.0.3, 4.1.1 Fixed Version/s: 4.1.2, 4.0.4, 4.2.0...

CVSS 6.9 | AI score 6.8 | EPSS 0.99019
Exploits: 12
Tenable Nessus
added 2021/02/01 12:0 a.m. | 130 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4847 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

CVSS 9.8 | AI score 7.5 | EPSS 0.9927
Exploits: 65 | References: 14
Tenable Nessus
added 2021/02/01 12:0 a.m. | 61 views

CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4670 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

CVSS 6.9 | AI score 7 | EPSS 0.99019
Exploits: 16 | References: 11