Lucene search
+L

7 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2023-22899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive. CVE-2023-22899 Note that Nessus relies...

5.9CVSS6.7AI score0.00619EPSS
Exploits1References3
redhat
redhat
added 2023/06/27 10:56 a.m.36 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update is now available for Migration Toolkit for Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5CVSS6.8AI score0.00907EPSS
Exploits1References4
nessus
nessus
added 2023/04/19 12:0 a.m.39 views

Oracle Access Manager Multiple Vulnerabilities (Apr 2023 CPU)

The version of Oracle Access Manager installed on the remote host is missing a security patch from the April 2023 CPU Advisory. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Third Party Jython. T...

7.5CVSS7.3AI score0.03028EPSS
Exploits2References4
ibm
ibm
added 2023/02/15 6:22 p.m.40 views

Security Bulletin: IBM App Connect Enterprise is affected by a remote attacker due to the zip4j library [CVE-2023-22899]

Summary IBM App Connect Enterprise Transformation Advisor tool is affected by a remote attacker due to the zip4j library CVE-2023-22899. The resolving ifix includes zip4j v2.11.3. Vulnerability Details CVEID:CVE-2023-22899 DESCRIPTION: Zip4j could provide weaker than expected security, caused by...

5.9CVSS5.9AI score0.00619EPSS
Exploits1Affected Software1
vulnrichment
vulnrichment
added 2023/01/10 12:0 a.m.11 views

CVE-2023-22899

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive...

6.7AI score0.00619EPSS
Exploits1References6
cve
cve
added 2023/01/10 12:0 a.m.233 views

CVE-2023-22899

CVE-2023-22899 affects Zip4j (v2.11.2 and earlier) as used in products like IBM/App Connect Enterprise and Threema. The issue is that MAC verification is not consistently applied when decrypting ZIP archives, constituting a cryptographic integrity risk. Several connected sources confirm the impac...

5.9CVSS5.8AI score0.00619EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2023/01/10 12:0 a.m.40 views

CVE-2023-22899

Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive...

6.2AI score0.00619EPSS
Exploits1References6
Rows per page
Query Builder