Lucene search
+L

10 matches found

ncsc
ncsc
added 2021/01/21 12:0 a.m.7 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed multiple vulnerabilities in Oracle Enterprise Manager. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to...

9.8CVSS7.6AI score0.9986EPSS
Exploits10
redhat
redhat
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
ibm
ibm
added 2020/10/01 12:30 p.m.34 views

Security Bulletin:IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Camel ( CVE-2019-0188, CVE-2020-11972, CVE-2020-11973)

Summary IBM Resilient SOAR is using Apache Camel that has known vulnerabilities, as described below. Vulnerability Details CVEID: CVE-2019-0188 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...

9.8CVSS1.5AI score0.08463EPSS
Exploits0Affected Software1
ibm
ibm
added 2020/08/11 2:33 p.m.32 views

Security Bulletin: Vulnerabilities in Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty affects IBM Operations Analytics Predictive Insights (CVE-2020-11971, CVE-2020-11972, CVE-2020-11973)

Summary Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty are used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. See Remediation/Fixes section to apply the recommended fixes. Vulnerability Details...

9.8CVSS2AI score0.14331EPSS
Exploits0Affected Software1
ibm
ibm
added 2020/07/16 5:5 a.m.41 views

Security Bulletin: Multiple vulnerabilities have been identified in Apache Camel shipped with IBM Netcool/OMNIbus Probe DSL Factory Framework

Summary Apache Camel is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. Information about the security vulnerabilities affecting Apache Camel has been published. CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971...

9.8CVSS1.4AI score0.14331EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2020/06/18 12:25 p.m.41 views

CVE-2020-11973

A flaw was found in camel. Apache Camel RabbitMQ enables java deserialization, by default, without any means of disabling which can lead to arbitrary code being executed. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation...

7.5CVSS4.3AI score0.06592EPSS
Exploits0References3
ibm
ibm
added 2020/06/15 6:0 a.m.36 views

Security Bulletin: IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities

Summary IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by a rebind flaw in...

9.8CVSS1.7AI score0.14331EPSS
Exploits0Affected Software1
nvd
nvd
added 2020/05/14 5:15 p.m.18 views

CVE-2020-11973

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

9.8CVSS9.4AI score0.06592EPSS
Exploits0References6
osv
osv
added 2020/05/14 5:15 p.m.20 views

CVE-2020-11973

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

9.8CVSS6.7AI score0.06592EPSS
Exploits0References6
cve
cve
added 2020/05/14 4:22 p.m.130 views

CVE-2020-11973

CVE-2020-11973 affects Apache Camel with Netty, enabling Java deserialization due to unsafe/deserialized handling. Affected Camel versions: 2.22.x, 2.23.x, 2.24.x, 2.25.0, up to 3.1.0. Remediation is upgrade to Camel 2.25.1 (2.x line) or 3.2.0 (3.x line); no exploit details are provided in the do...

9.8CVSS9.2AI score0.06592EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder