93 matches found
Security Bulletin: IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455 , CVE-2023-34454 and CVE-2023-43642
Summary IBM Asset Data Dictionary Component uses zookeeper-3.5.9.jar and snappy-java-1.1.8.3.jar which are vulnerable to CVE-2023-44981,CVE-2023-34453, CVE-2023-34455, CVE-2023-34454 and CVE-2023-43642. This bulletin contains information regarding the vulnerability and its remediation...
Security Bulletin: IBM Asset Data Dictionary Component uses urllib3 which is vulnerable to CVE-2023-43804
Summary IBM Asset Data Dictionary Component uses urllib3 which is vulnerable to CVE-2023-43804. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain...
Vulnerability of the Server component: The Data Dictionary of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Server component: The Data Dictionary component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
Security Bulletin:IBM Asset Data Dictionary Component uses vertx-core-4.5.0.jar which is vulnerable to CVE-2024-1023 and CVE-2024-1300.
Summary IBM Asset Data Dictionary Component uses vertx-core-4.5.0.jar which is vulnerable to CVE-2024-1023 and CVE-2024-1300. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-1023 DESCRIPTION: Eclipse Vert.x is vulnerable to a...
CVE-2024-21060
A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in...
CVE-2024-21060
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
UBUNTU-CVE-2024-21060
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
PT-2024-3446 · Oracle +4 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.36 and prior MySQL Server versions 8.3.0 and prior Description: The issue is related to the MySQL Server product of Oracle MySQL, specifically the Server: Data Dictionary component. It allows a high-privileged attack...
Security Bulletin: IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634.
Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Maximo Application Suite uses urllib3-2.0.3-py3-none-any.whl which is vulnerable to CVE-2023-45803
Summary BM Maximo Application Suite uses urllib3-2.0.3-py3-none-any.whl which is vulnerable to CVE-2023-45803. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticated attacke...
Security Bulletin: IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920
Summary IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tug...
Security Bulletin: There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462 and CVE-2023-44487)
Summary There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel...
Security Bulletin: IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074.
Summary IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, cause...
Security Bulletin:IBM Asset Data Dictionary Component uses logback-classic-1.3.0-alpha16.jar which is vulnerable to CVE-2023-6378
Summary IBM Asset Data Dictionary Component uses logback-classic-1.3.0-alpha16.jar which is vulnerable to CVE-2023-6378. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-6378 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a...
Security Bulletin: IBM Asset Data Dictionary Component uses netty-codec-http2-4.1.94, netty-handler-4.1.86 and netty-handler-4.1.92 which is vulnerable to CVE-2023-44487 and CVE-2023-34462
Summary IBM Asset Data Dictionary Component uses netty-codec-http2-4.1.94, netty-handler-4.1.86 and netty-handler-4.1.92 which is vulnerable to CVE-2023-44487 and CVE-2023-34462. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: IBM Asset Data Dictionary Component uses bcprov-jdk18on-1.72.jar which is vulnerable to CVE-2023-33201 and CVE-2023-33202
Summary IBM Asset Data Dictionary Component uses bcprov-jdk18on-1.72.jar which is vulnerable to CVE-2023-33201 and CVE-2023-33202. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Packa...
Security Bulletin: There are multiple vulnerabilities in mas-data-dictionary-lib-1.0.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-1471, CVE-2023-1370 and CVE-2021-42550)
Summary There are multiple vulnerabilities in mas-data-dictionary-lib-1.0.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the syste...
SUSE CVE-2021-35632
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...
Security Bulletin: Eclipse Vert.x-Web component is vulnerable to CVE-2023-24815 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses Eclipse Vert.x-Web package which is vulnerable to CVE-2023-24815. Vulnerability Details CVEID:CVE-2023-24815 DESCRIPTION: Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. ...
Security Bulletin: Jettison component is vulnerable to CVE-2022-45685 and CVE-2022-45693 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses Jettison package which is vulnerable to CVE-2022-45685 and CVE-2022-45693. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending an overly long string usi...