Lucene search
K

177 matches found

Prion
Prion
added 2019/03/26 6:29 p.m.19 views

Design/Logic Flaw

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...

4CVSS4.7AI score0.0125EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2019/03/26 6:29 p.m.16 views

Cross site scripting

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...

3.5CVSS5.4AI score0.01131EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2019/03/26 5:54 p.m.20 views

CVE-2019-8988 TIBCO Spotfire Data Science Privilege Escalation Vulnerability

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...

6.5CVSS8.1AI score0.0178EPSS
Exploits0References3
CVE
CVE
added 2019/03/26 5:54 p.m.46 views

CVE-2019-8987

The CVE-2019-8987 entry describes a persistent cross-site scripting vulnerability in the application server component of TIBCO Data Science for AWS and TIBCO Spotfire Data Science. Affected products and versions: TIBCO Data Science for AWS up to 6.4.0 and TIBCO Spotfire Data Science up to 6.4.0. ...

7.6CVSS5.7AI score0.01131EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2019/03/26 5:54 p.m.51 views

CVE-2019-8989

The CVE describes a spoofing flaw in the application server components of TIBCO Data Science for AWS and TIBCO Spotfire Data Science, affecting releases up to 6.4.0 for both products. Impact is that an authenticated user could spoof their account to appear as another user in the affected system. ...

5CVSS4.6AI score0.0125EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2019/03/26 5:54 p.m.19 views

CVE-2019-8987 TIBCO Spotfire Data Science Vulnerable to Persistent Cross-Site Scripting

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...

7.6CVSS5.4AI score0.01131EPSS
Exploits0References3
CVE
CVE
added 2019/03/26 5:54 p.m.46 views

CVE-2019-8988

The CVE-2019-8988 issue affects TIBCO Data Science for AWS and TIBCO Spotfire Data Science up to version 6.4.0. The connected sources describe a persistent cross-site vulnerability in the application server component that could allow a user to escalate privileges, enabling data modifications and ...

8.1CVSS7.2AI score0.0178EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2019/03/26 5:54 p.m.20 views

CVE-2019-8989 TIBCO Spotfire Data Science Spoofing Vulnerability

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...

5CVSS4.6AI score0.0125EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/03/26 12:0 a.m.4 views

PT-2019-19291 · Tibco Software · Tibco Spotfire Data Science +1

Name of the Vulnerable Software and Affected Versions: TIBCO Data Science for AWS versions up to and including 6.4.0 TIBCO Spotfire Data Science versions up to and including 6.4.0 Description: The application server component of TIBCO Software Inc.'s products contains a persistent cross-site...

8.1CVSS6.8AI score0.0178EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/03/26 12:0 a.m.6 views

PT-2019-19290 · Tibco · Tibco Data Science For Aws +1

Name of the Vulnerable Software and Affected Versions: TIBCO Data Science for AWS versions up to and including 6.4.0 TIBCO Spotfire Data Science versions up to and including 6.4.0 Description: The application server component contains a persistent cross-site scripting issue that theoretically...

7.6CVSS6.2AI score0.01131EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/12 5:20 p.m.28 views

Security Bulletin: A security vulnerability has been identified in Ansible shipped with Data Science Experience Local

Summary Ansible is shipped as a component of Data Science Experience Local. Information about a security vulnerability affecting Ansible has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-10874 DESCRIPTION: Ansible could allow a local authenticated attacker to execut...

7.8CVSS1.6AI score0.00485EPSS
Exploits0Affected Software1
Microsoft Secure
Microsoft Secure
added 2018/12/13 7:0 p.m.69 views

Microsoft AI competition explores the next evolution of predictive technologies in security

Predictive technologies are already effective at detecting and blocking malware at first sight. A new malware prediction competition on Kaggle will challenge the data science community to push these technologies even furtherto stop malware before it is even seen. The Microsoft-sponsored competiti...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/15 7:1 a.m.51 views

Malwarebytes Labs Cybercrime Tactics and Techniques Report (CTNT) shows shift to business targets in Q3

Once again, it's that time of year: time for the quarterly Malwarebytes Labs Cybercrime Tactics and Techniques Report. Strap in your seat belts, folks, because the third quarter of 2018 was quite a wild ride. After a sleepy first two quarters, cybercriminals shook out the cobwebs and revved up...

0.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/02 6:5 p.m.11 views

Security Bulletin: IBM Data Science Experience Local is affected by a Use of Hard-coded Password vulnerability

Summary IBM Data Science Experience Local has addressed the following vulnerability. Password for Data Science Experience Local Hadoop Integration server certificate private key is hard-coded. Vulnerability Details CVEID: Not Applicable DESCRIPTION: No CVE description. CVSS Base Score: 7.5 CVSS...

1.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/19 7:15 p.m.12 views

Security Bulletin: IBM Data Science Experience Local is affected by continuous traffic to a US Softlayer server

Summary IBM Data Science Experience Local has addressed the following vulnerability. After installing DSX Local, the cluster will try to reach out to an external IP located on Softlayer in the US. Vulnerability Details CVEID: Not Applicable DESCRIPTION: No CVE description. CVSS Base Score: 4.3 CV...

1.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/19 7:15 p.m.15 views

Security Bulletin: IBM Data Science Experience Local is affected by how it is encrypting external data source credentials

Summary IBM Data Science Experience Local has addressed the following vulnerability. Data Science Experience Local is has incorrect usage of encryption. Some keyes in Data Science Experience Local are stored in clear text next to the data that it encrypts. Vulnerability Details CVEID: Not...

1.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/19 7:10 p.m.9 views

Security Bulletin: IBM Data Science Experience Local is affected by how we store keystore and truststore passwords

Summary IBM Data Science Experience Local has addressed the following vulnerability. Data Science Experience Local is hardcoding the keystore truststore passwords. The 1.2.1 release fixes this vulnerability. Vulnerability Details CVEID: Not Applicable DESCRIPTION: No CVE description. CVSS Base...

1.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/18 7:15 p.m.8 views

Security Bulletin: IBM Data Science Experience Local is affected by a cryptography vulnerability

Summary IBM Data Science Experience local has addressed the following vulnerability. IBM Data Science Experience Local implements insecure algorithms for encrypting external data source credentials. Vulnerability Details CVEID: Not Applicable DESCRIPTION: No CVE description. CVSS Base Score: 6.3...

2.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/18 7:15 p.m.30 views

Security Bulletin: A security vulnerability has been identified in HAProxy shipped with Data Science Experience Local

Summary HAProxy is shipped as a component of Data Science Experience Local. Information about a security vulnerability affecting HAProxy has been published in a security bulletin. Vulnerability Details Please consult the security bulletins: CVE-2018-10184, CVE-2018-11469 for vulnerability details...

7.5CVSS1.4AI score0.0843EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/29 9:20 p.m.8 views

Security Bulletin: IBM Data Science Experience Local is affected by a information disclosure vulnerability.

Summary IBM Data Science Experience local has addressed the following vulnerability. IBM Data Science Experience Local could expose highly sensitive information to a local unprivileged user. Vulnerability Details CVEID: CVE-2018-1681 DESCRIPTION: IBM Data Science Experience Local could expose...

1AI score
Exploits0Affected Software1
Rows per page
Query Builder