Security Bulletin: A vulnerability in Node.js bl package affects Data Replication on Cloud Pak for Data
Summary A vulnerability in Node.js bl package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume...
Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication
Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affects InfoSphere Data Replication
Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition used in InfoSphere Data Replication were addressed. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could...
Security Bulletin: A vulnerability in Golang Go package affects Data Replication on Cloud Pak for Data
Summary A vulnerability in Golang Go package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-41723 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream, ...
Security Bulletin: Multiple vulnerabilities in Golang Go package affects Data Replication on Cloud Pak for Data
Summary Multiple vulnerabilities in Golang Go package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID: CVE-2022-27664 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted request, a remot...
Security Bulletin: A vulnerability in tar package affects Data Replication on Cloud Pak for Data
Summary A vulnerability in tar package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2022-48303 DESCRIPTION: GNU Tar is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the fromheader function in list.c when processing ...
Security Bulletin: A vulnerability in SnakeYaml package affects Data Replication on Cloud Pak for Data
Summary A vulnerability in SnakeYaml package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in...
Security Bulletin: A vulnerability in libksba package affects Data Replication on Cloud Pak for Data
Summary A vulnerability in libksba package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-47629 DESCRIPTION: Libksba could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the CRL signature parse...
Security Bulletin: Due to use of Java 8.0.7.11 version, InfoSphere Data Replication is vulnerable to crypto attacks.
Summary InfoSphere Data Replication is using Java 8.0.7.11 as both a build-time environment and a runtime environment, which was exposed to the vulnerabilities reported in CVE-2023-30441. Vulnerability Details CVEID: CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition...
SAP Supplier Relationship Management Information Disclosure Vulnerability
SAP Supplier Relationship Management (SRM) is a supplier relationship management solution from SAP. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functions such as invoicing. An information disclosure vulnerability exists in SA...
SAP Supplier Relationship Management Information Disclosure Vulnerability
SAP Supplier Relationship Management (SRM) is a supplier relationship management solution from SAP. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functions such as invoicing. An information disclosure vulnerability exists in SA...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform (openstack-swift) security update
An update for openstack-swift is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-swift) security update
An update for openstack-swift is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Apache Pulsar Trust Management Issue Vulnerability (CNVD-2022-83591)
Apache Pulsar is an Apache Foundation distributed messaging platform for cloud environments that integrates messaging, storage, and lightweight functional computing. The software supports multi-tenancy, persistent storage, multi-room cross-regional data replication, with strong consistency, high...
Apache Pulsar Trust Management Issues Vulnerability
Apache Pulsar is a distributed message streaming platform from the Apache Foundation (United States) for cloud environments that integrates messaging, storage, and lightweight functional computing. The software supports multi-tenancy, persistent storage, multi-machine room cross-region data replication...
Apache Pulsar Trust Management Issue Vulnerability
Apache Pulsar is an Apache Foundation distributed messaging platform for cloud environments that integrates messaging, storage, and lightweight functional computing. The software supports multi-tenancy, persistent storage, multi-room cross-regional data replication, and highly scalable streaming...
Security Bulletin: Directory listing vulnerability in IBM InfoSphere Data Replication Dashboard (CVE-2012-4861)
Abstract InfoSphere Data Replication Dashboard includes a web server that can be used to list specific directories under the dashboard web application. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-4861 DESCRIPTION: It is possible to retrieve a directory listing by sending a request for specifi...
Security Bulletin: Denial of service in IBM InfoSphere Data Replication Dashboard (CVE-2011-4461)
Abstract InfoSphere Data Replication Dashboard includes Jetty which has a known security vulnerability that can lead to a denial of service. Content VULNERABILITY DETAILS: CVE ID: CVE-2011-4461 DESCRIPTION: An attacker, using specially crafted HTTP requests, can cause up to 100% CPU usage,...
Security Bulletin: Multiple vulnerabilities in IBM JRE affect InfoSphere Data Replication Dashboard (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)
Abstract The IBM JRE embedded in the InfoSphere Data Replication Dashboard has security vulnerabilities that affect SSL connections to the dashboard web server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability allows remote attackers to affect...
Security Bulletin: InfoSphere Data Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-0169)
Abstract The IBM JRE that is embedded in the InfoSphere Data Replication Dashboard has a security vulnerability that affects SSL connections to the dashboard web server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 DESCRIPTION: The TLS protocol does not properly consider timing side-chann...