CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

NVD•added 2026/05/26 5:16 p.m.•8 views

CVE-2025-36221

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...

7.5CVSS0.00044EPSS

Exploits0References1

Cvelist•added 2026/05/26 3:55 p.m.•33 views

CVE-2025-36221 Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

5.3CVSS0.00044EPSS

Exploits0References1

ATTACKERKB•added 2026/05/26 3:54 p.m.•5 views

CVE-2025-36220

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

4.3CVSS5.9AI score0.00049EPSS

Exploits0References2Affected Software1

IBM Security Bulletins•added 2026/05/26 6:40 a.m.•8 views

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2022-3219 DESCRIPTION: GnuPG can be made to spin on a relatively small input by for example crafting a public key with thousands of signatures attached,...

7.5CVSS5.4AI score0.00165EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/05/26 6:31 a.m.•7 views

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2025-36220 DESCRIPTION: IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which coul...

9.8CVSS5.9AI score0.00049EPSS

Exploits0Affected Software1

CNNVD•added 2026/05/26 12:0 a.m.•5 views

IBM Cloud Pak for Data System SQL注入漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. Version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain a SQL injection vulnerability. This vulnerability allows for SQL injection attacks, potentially enabling remo...

9.8CVSS5.9AI score0.00049EPSS

Exploits0References1

CNNVD•added 2026/05/26 12:0 a.m.•5 views

IBM Cloud Pak for Data System 安全漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. The version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain security vulnerabilities. These vulnerabilities stem from the use of default passwords during the...

7.5CVSS5.8AI score0.00044EPSS

Exploits0References1

NVD•added 2026/04/27 9:16 p.m.•0 views

CVE-2024-46636

NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...

9.4CVSS0.0004EPSS

Exploits1References3

IBM Security Bulletins•added 2026/04/15 6:16 a.m.•4 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 2.0) - NULL Pointer Dereference in OpenSSL cryptography package

Summary IBM Cloud Pak for Data System CPDS 2.0 uses the Python cryptography package version 3.4.7, which depends on OpenSSL. CVE-2024-0727 affects OpenSSL's PKCS12 file processing functionality. A maliciously formatted PKCS12 file can cause a NULL pointer dereference, leading to application crash...

5.5CVSS6.7AI score0.00208EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/15 6:14 a.m.•7 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 2.0) - Insufficient Verification in cryptography package

Summary IBM Cloud Pak for Data System CPDS 2.0 uses the Python cryptography package version 3.3.2, which contains a critical vulnerability CVE-2026-26007 affecting elliptic curve cryptography operations. The package fails to verify that public key points belong to the expected prime-order subgrou...

8.2CVSS6.9AI score0.00009EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/01 10:35 a.m.•3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by improper handling of Windows device names due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. CVE-2025-66221 affects Werkzeug's handling of Windows device names, which could lead to improper resource handling and potential availability impact on Windows systems. This vulnerability relates to t...

6.3CVSS6.9AI score0.00032EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/01 10:31 a.m.•4 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to urllib3

Summary The urllib3 library is used by IBM Cloud Pak for Data System 1.0 to provide HTTP client functionality for Python applications. Multiple vulnerabilities affect urllib3. CVE-2025-66418 involves allocation of resources without limits or throttling, which could lead to resource exhaustion...

8.9CVSS6.9AI score0.00021EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/01 9:58 a.m.•4 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by credential disclosure due to Python Requests library

Summary The Python Requests library is used by IBM Cloud Pak for Data System 1.0 to handle HTTP communications. CVE-2024-47081 affects Requests due to a URL parsing issue that may leak .netrc credentials to third parties when processing maliciously-crafted URLs. This vulnerability could result in...

5.3CVSS7AI score0.00208EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/01 9:46 a.m.•3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by denial of service due to Python cryptography package

Summary The Python cryptography package is used by IBM Cloud Pak for Data System to provide cryptographic functionality. CVE-2024-0727 affects the underlying OpenSSL library used by the cryptography package. Processing a maliciously formatted PKCS12 file may cause a NULL pointer dereference in...

5.5CVSS6.7AI score0.00208EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/01 9:38 a.m.•1 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by improper validation due to Eclipse Jetty.

Summary Eclipse Jetty is used by IBM Cloud Pak for Data System CPDS as part of its web server infrastructure. CVE-2024-6763 affects Eclipse Jetty's HttpURI class, which performs insufficient validation on the authority segment of a URI. This could potentially lead to open redirect attacks or...

5.3CVSS7.1AI score0.01189EPSS

Exploits1Affected Software1

Positive Technologies•added 2026/01/16 12:0 a.m.•1 views

PT-2026-3323

Name of the Vulnerable Software and Affected Versions Modular DS versions 2.5.2 through 2.5.9 Description An incorrect privilege assignment exists in the Modular DS modular-connector component, potentially allowing for privilege escalation. The issue allows an attacker to gain elevated privileges...

10CVSS6.9AI score0.00026EPSS

Exploits0References10

RedhatCVE•added 2026/01/15 9:27 a.m.•7 views

CVE-2026-23550

Incorrect Privilege Assignment vulnerability in Modular DS Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from n/a through = 2.5.1...

9.8CVSS6AI score0.04525EPSS

Exploits6References1

Positive Technologies•added 2026/01/14 12:0 a.m.•5 views

PT-2026-2847

Name of the Vulnerable Software and Affected Versions Modular DS versions through 2.5.1 Description A critical vulnerability exists in the Modular DS WordPress plugin that allows unauthenticated attackers to gain administrative access to affected websites. This flaw, tracked as CVE-2026-23550, is...

9.8CVSS5.9AI score0.04525EPSS

Exploits6References52

IBM Security Bulletins•added 2025/12/17 2:51 p.m.•4 views

Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-35195]

Summary The requests package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-35195 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security...

5.6CVSS6.1AI score0.00044EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/12/17 1:46 p.m.•3 views

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-43804, CVE-2023-45803]

Summary The urllib3 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-43804, CVE-2023-45803 Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...

8.1CVSS6.8AI score0.0095EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by