Lucene search
+L

109 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/02/15 4:15 p.m.25 views

Security Bulletin: WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to LDAP Injection (CVE-2021-39031)

Summary WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to LDAP Injection CVE-2021-39031 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

8.8CVSS7.6AI score0.02017EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 8:4 p.m.35 views

Security Bulletin: IBM Cloud Transformation Advisor, which is bundled with IBM Cloud Pak for Applications, has addressed multiple security vulnerabilities.

Summary IBM Cloud Transformation Advisor, which is bundled with IBM Cloud Pak for Applications, has addressed multiple security vulnerabilities CVE-2021-35517, CVE-2021-36090, CVE-2021-45105, CVE-2021-45046, CVE-2021-22960, CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564,...

9.8CVSS8AI score0.99999EPSS
Exploits46Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/05 9:17 p.m.35 views

Security Bulletin: Multiple vulnerabilities in Apache log4j affect IBM WebSphere Application Server which is bundled with IBM Cloud Pak for Applications(CVE-2021-45105, CVE-2021-44832)

Summary Multiple vulnerabilities in Apache log4j affect IBM WebSphere Application Server CVE-2021-45105, CVE-2021-44832. IBM WebSphere Application Server is bundled with IBM Cloud Pak for Applications. There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server...

8.5CVSS3.5AI score0.99999EPSS
Exploits23Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/16 2:29 p.m.41 views

Security Bulletin: IBM Application Navigator, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a remote attacker exploitation of Apache Log4j (CVE-2021-44228)

Summary IBM Application Navigator, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a remote attacker exploitation of Apache Log4j CVE-2021-44228. The IBM Application Navigator contains a copy of Apache Log4j which is not used by the IBM Application Navigator function. Out o...

10CVSS0.8AI score0.99999EPSS
Exploits355Affected Software1
NVD
NVD
added 2021/12/15 3:15 p.m.52 views

CVE-2021-42295

Visual Basic for Applications Information Disclosure Vulnerability...

5.5CVSS0.02886EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/15 2:14 p.m.65 views

CVE-2021-42295 Visual Basic for Applications Information Disclosure Vulnerability

...

5.5CVSS6.1AI score0.02886EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/12/15 12:0 a.m.26 views

Microsoft Office 2016 Information Disclosure Vulnerability (KB4504710)

This host is missing an important security update according to Microsoft KB4504710 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

5.5CVSS6.1AI score0.02886EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/12/15 12:0 a.m.26 views

Microsoft Office 2013 Information Disclosure Vulnerability (KB4486726)

This host is missing an important security update according to Microsoft KB4486726 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

5.5CVSS6.1AI score0.02886EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.64 views

Description of the security update for Office 2016: December 14, 2021 (KB4504710)

None None...

5.5CVSS6.6AI score0.02886EPSS
Exploits0
Kaspersky
Kaspersky
added 2021/12/14 12:0 a.m.96 views

KLA12389 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...

8.8CVSS8.7AI score0.05098EPSS
Exploits0References34
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/13 2:40 p.m.22 views

Security Bulletin: WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service (CVE-2021-38951)

Summary WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service CVE-2021-38951 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Principal Products and...

7.5CVSS7.2AI score0.01521EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/02 5:36 p.m.38 views

Security Bulletin: A vulnerabilty in encoding/unicode in the UTF-16 decoder has been found in x/text package before v0.3.3 for Go that could lead to an infinite loop and denial of service, affecting IBM Cloud Pak for Applications

Summary A vulnerabilty in encoding/unicode in the UTF-16 decoder has been found in x/text package before v0.3.3 for Go that could lead to an infinite loop and denial of service, affecting IBM Cloud Pak for Applications Vulnerability Details CVEID: CVE-2020-14040 DESCRIPTION: Go Language x/text...

7.5CVSS0.9AI score0.01855EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:6 a.m.20 views

Security Bulletin: WebSphere Application Server, which is included in IBM Cloud Pak for Applications, is vulnerable to a Privilege Escalation vulnerability (CVE-2021-29754)

Summary WebSphere Application Server, which is included in IBM Cloud Pak for Applications, is vulnerable to a privilege escalation vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

8.8CVSS3.9AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:4 a.m.18 views

Security Bulletin: A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used

Summary A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used Vulnerability Details CVEID: CVE-2021-20360 DESCRIPTION: IBM Cloud Pak for Applications uses weaker than expected cryptographic algorithms that could allow an attacker to decry...

7.5CVSS0.8AI score0.0071EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/07/13 4:15 p.m.5 views

CVE-2021-20368

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357...

5.4CVSS5.9AI score0.00495EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.5 views

IBM Cloud Pak for Applications 跨站脚本漏洞

IBM Cloud Pak for Applications is an enterprise containerized application development runtime platform that helps you modernize existing applications, embed additional security, and develop new applications for developing digital initiatives.A cross-site scripting vulnerability exists in IBM Clou...

5.4CVSS5.5AI score0.00495EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.4 views

IBM Cloud Pak for Applications安全漏洞

IBM Cloud Pak for Applications is an application from IBM America, Inc. Provides cloud-native development solutions that deliver value quickly. A security vulnerability exists in IBM Cloud Pak for Applications v4.3, which can be exploited by attackers to obtain sensitive information...

4.3CVSS5.6AI score0.00982EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/19 5:48 p.m.23 views

Security Bulletin: WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, contains a vulnerability in Dojo (CVE-2020-5258)

Summary WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, contains a vulnerability in Dojo CVE-2020-5258 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Principal Affected Products and...

7.7CVSS3.1AI score0.0399EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/19 5:47 p.m.16 views

Security Bulletin: WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to a Server-side Request Forgery vulnerability (CVE-2021-20480)

Summary WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to a Server-side Request Forgery vulnerability CVE-2021-20480 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

6.5CVSS3.1AI score0.01298EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/19 4:29 p.m.18 views

Security Bulletin: WebSphere Application Server, which is a component of IBM Cloud Pak for Aplications, is vulnerable to a Directory Traversal vulnerability (CVE-2020-5016)

Summary WebSphere Application Server is shipped as a component of IBM Cloud Pak for Applications. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

6.5CVSS2.3AI score0.02252EPSS
Exploits0Affected Software1
Rows per page
Query Builder