Lucene search
+L

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/08/31 10:37 a.m.94 views

Security Bulletin: IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities

Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components and that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...

9.8CVSS9.7AI score0.44824EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/24 6:34 p.m.87 views

Security Bulletin: Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities

Summary Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities. IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-28469 DESCRIPTION: Node.js...

7.5CVSS1.1AI score0.2241EPSS
Exploits8Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/08 4:6 p.m.6 views

3dcore-lib (=0.17.9), 42-cli (>=1.0.0 <=1.0.4) +2735 more potentially affected by CVE-2020-28498 via elliptic (>=0.10.2 <=6.5.3)

elliptic NPM version =0.10.2, =1.0.0, =1.0.0, =0.1.0, =0.0.0-alpha8, =2.0.0, =2.0.0, =1.0.0, =1.5.1, =2.0.0, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =2.1.1 and more Source cves: CVE-2020-28498 Source advisory: OSV:GHSA-R9P9-MRJM-926W...

6.8CVSS6.8AI score0.01245EPSS
Exploits0
CVE
CVE
added 2021/02/02 6:50 p.m.95 views

CVE-2020-28498

CVE-2020-28498 affects the elliptic JS library (Node.js elliptic module) specifically the secp256k1 implementation in elliptic/ec/key.js. The root cause is that there is no validation to ensure the public key point passed to derive() actually lies on the secp256k1 curve, enabling potential privat...

6.8CVSS6.6AI score0.01245EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2021/01/26 3:35 p.m.5 views

3dcore-lib (=0.17.9), @0xcert/client (>=1.0.0 <=1.0.2) +1809 more potentially affected by CVE-2020-28498 via elliptic (>=6.0.2 <=6.5.3)

elliptic NPM version =6.0.2, =1.0.0, =0.1.0, =0.0.0-alpha8, =2.0.0, =2.0.0, =1.0.0, =1.5.1, =2.0.0, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =0.0.0-alpha8, =2.1.1 and more Source cves: CVE-2020-28498 Source advisory: SNYK:JS-ELLIPTIC-1064899...

6.8CVSS6.8AI score0.01245EPSS
Exploits0
Rows per page
Query Builder