Lucene search
K

277 matches found

Patchstack
Patchstack
added 2023/03/03 12:0 a.m.8 views

WordPress i2 Pros & Cons Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software i2 Pros & Cons Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0065 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cc85825abe76 Credits Lana Codes Required...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2023/02/13 12:0 a.m.114 views

i2 Pros & Cons <= 1.3.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. i2prosandcons showbutton='true'...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2022/05/20 12:0 a.m.9 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.2 <=4.6.0.0), ai.ylyue:yue-library-auth-client (=j11.2.6.0) +1751 more potentially affected by CVE-2022-22978 via org.springframework.security:spring-security-core (>=5.6.0 <=5.6.3)

org.springframework.security:spring-security-core MAVEN version =5.6.0, =4.4.0.2, =1.3.1.RELEASE, =0.2.0, =0.8.3, =2.1.0.M8, =1.0.0, =2.7.0.Beta3, =2.7.0.Beta4, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.RC1 and more Source cves: CVE-2022-22978 Source advisory: OSV:GHSA-HH32-7344-CG2F...

9.8CVSS6.7AI score0.10037EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2022/04/03 12:0 a.m.4 views

city.smartb.f2:f2-spring-boot-starter-function (>=0.2.2 <=0.6.0), city.smartb.f2:f2-spring-boot-starter-function-http (>=0.2.2 <=0.6.0) +412 more potentially affected by CVE-2022-22963 via org.springframework.cloud:spring-cloud-function-context (>=3.2.0 <=3.2.2)

org.springframework.cloud:spring-cloud-function-context MAVEN version =3.2.0, =0.2.2, =0.2.2, =0.2.2, =0.2.0, =0.2.0, =0.2.0, =0.5.0, =0.2.0, =0.2.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.6.0 and more Source cves: CVE-2022-22963 Source advisory: OSV:GHSA-6V73-FGF6-W5J7...

9.8CVSS7.3AI score0.99939EPSS
Exploits36
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/28 4:10 p.m.42 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...

4.3CVSS7AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/31 8:13 p.m.228 views

Security Bulletin: IBM i2 Analyze and IBM i2 Analyst's Notebook Premium are affected by Apache Log4j Vulnerabilities (CVE-2021-45105 and CVE-2021-45046)

Summary Apache Log4j is used by IBM i2 Analyze for general purpose and application error logging. It is also used in IBM i2 Analyst's Notebook Premium when the chart store is deployed. This bulletin addresses the vulnerabilities for the reported CVE-2021-45105 and CVE-2021-45046. The below fix...

10CVSS0.4AI score0.99999EPSS
Exploits355Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/24 8:33 a.m.294 views

Security Bulletin: i2 Analyze, i2 Connect and Analyst's Notebook Premium are affected by the Log4j vulnerability (CVE-2021-44228)

Summary Log4j is used by i2 Analyze and i2 Connect for general purpose and application error logging. It is also used in Analyst's Notebook Premium when the chart store is deployed. This bulletin provides mitigation for the reported CVE-2021-44228 by providing configuration that addresses Log4j...

10CVSS1.6AI score0.99999EPSS
Exploits351Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 6:59 p.m.33 views

Security Bulletin: i2 Analysts' Notebook memory corruption vulnerability

Summary i2 Analysts' Notebook is potentially vulnerable to a memory corruption vulnerability Vulnerability Details CVEID: CVE-2021-39050 DESCRIPTION: IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local...

7.8CVSS7.6AI score0.00299EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 6:45 p.m.42 views

Security Bulletin: i2 Analysts' Notebook memory corruption vulnerability

Summary i2 Analysts' Notebook is vulnerable to potential memory corruption vulnerabilities Vulnerability Details CVEID: CVE-2021-39049 DESCRIPTION: IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacke...

7.8CVSS7.6AI score0.00299EPSS
Exploits0Affected Software2
NVD
NVD
added 2021/12/13 7:15 p.m.20 views

CVE-2021-39050

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440...

7.8CVSS0.00299EPSS
Exploits0References2
NVD
NVD
added 2021/12/13 7:15 p.m.20 views

CVE-2021-39049

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439...

7.8CVSS0.00299EPSS
Exploits0References2
Prion
Prion
added 2021/12/13 7:15 p.m.14 views

Stack overflow

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440...

4.6CVSS7.6AI score0.00299EPSS
Exploits0References2
Prion
Prion
added 2021/12/13 7:15 p.m.15 views

Stack overflow

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439...

4.6CVSS7.6AI score0.00299EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/13 6:35 p.m.30 views

CVE-2021-39050

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440...

5.3CVSS7.7AI score0.00299EPSS
Exploits0References2
CVE
CVE
added 2021/12/13 6:35 p.m.57 views

CVE-2021-39050

The CVE-2021-39050 entry affects IBM i2 Analyst’s Notebook versions 9.2.0, 9.2.1, and 9.2.2, describing a stack-based buffer overflow caused by improper bounds checking that could allow a local attacker to escalate privileges. The IBM security bulletin (9.3.1 update) and related IBM X-Force refer...

7.8CVSS7.6AI score0.00299EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/13 6:35 p.m.23 views

CVE-2021-39049

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439...

5.3CVSS7.7AI score0.00299EPSS
Exploits0References2
CVE
CVE
added 2021/12/13 6:35 p.m.51 views

CVE-2021-39049

CVE-2021-39049 affects IBM i2 Analyst’s Notebook 9.2.0, 9.2.1, and 9.2.2, with a stack-based buffer overflow caused by improper bounds checking. A local attacker could overflow a buffer and gain lower-privilege access. IBM’s security bulletin notes a memory-corruption vulnerability and directs re...

7.8CVSS7.6AI score0.00299EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/13 4:47 p.m.23 views

Security Bulletin: DB2 bundled with IBM i2 Analyze is affected by multiple vulnerabilities (CVE-2021-38931, CVE-2021-29678, CVE-2021-20373, CVE-2021-39002, CVE-2021-38926)

Summary IBM i2 Analyze bundles DB2. IBM DB2 has issued fixes for multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2021-38931 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.1, and 11.5 is vulnerable to an information disclosure as a result of a...

8.7CVSS6.1AI score0.01482EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/10/29 12:0 a.m.27 views

IBM i2 iBase Information Disclosure Vulnerability (CNVD-2021-94902)

IBM i2 iBase is an intuitive intelligence data management application that enables collaborative teams of analysts to capture, control and analyze data from multiple sources in a highly secure workgroup environment. An information disclosure vulnerability exists in IBM i2 iBase versions 8.9.13 an...

5.5CVSS5AI score0.00212EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/28 9:39 a.m.13 views

Security Bulletin: Multiple vulnerabilities in IBM HTP server optionally used by i2 Analyze

Summary There are multiple vulnerabilities in the IBM HTTP Server bundled and optionally deployed with IBM i2 Analyze. The referenced bulletin points to fixes for the issues. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versio...

1.1AI score
Exploits0Affected Software1
Rows per page
Query Builder