CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

92 matches found

RedhatCVE•added 2025/05/23 12:53 a.m.•3 views

CVE-2022-41299

IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

5.4CVSS6.1AI score0.0053EPSS

Exploits0References1

IBM Security Bulletins•added 2025/05/06 9:46 a.m.•24 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a vulnerability found in Node.js

Summary There is a vulnerability in Node.js used by IBM Cloud Transformation Advisor CVE-2024-57699. Vulnerability Details CVEID:CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number...

7.5CVSS6.9AI score0.00058EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/04/29 2:35 a.m.•83 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the ChrootOS...

9.8CVSS10AI score0.04945EPSS

Exploits5Affected Software1

IBM Security Bulletins•added 2025/04/15 2:54 a.m.•47 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor. Vulnerability Details CVEID:CVE-2024-22020 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary code on the system. By embedding...

8CVSS10AI score0.01561EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2025/03/26 3:52 a.m.•60 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed several security vulnerabilities including those in Java, Go, Python, OpenSSL and Node.js Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused b...

9.8CVSS9.8AI score0.03639EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2025/03/26 2:46 a.m.•44 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2022-24839 DESCRIPTION: Sparkle Motion Nokogiri is vulnerable to a denial of...

7.5CVSS8.8AI score0.0292EPSS

Exploits4Affected Software1

IBM Security Bulletins•added 2025/03/21 12:56 p.m.•18 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java and Node.js

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Cloud Transformation Advisor CVE-2019-20916, CVE-2021-37714, CVE-2016-2175, CVE-2025-26791, CVE-2025-1470, CVE-2025-1471. Vulnerability Details CVEID:CVE-2019-20916 DESCRIPTION: pypa pip package for python could allow a...

7.8CVSS7.8AI score0.05893EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2025/03/13 3:39 a.m.•39 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor. Vulnerability Details CVEID:CVE-2024-43799 DESCRIPTION: pillarjs send is vulnerable to cross-site scripting, caused by improper validation of...

8.3CVSS9.8AI score0.08235EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2025/01/22 6:54 p.m.•47 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0.5.35 used by IBM Cloud Transformation Advisor. IBM Cloud Transformation Advisor has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK updates in July 2019. Vulnerability...

9.8CVSS8.6AI score0.01476EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2024/12/18 9:57 a.m.•34 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor CVE-2024-7254, CVE-2022-46363, CVE-2015-2156, CVE-2020-11612. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol...

8.7CVSS7.9AI score0.04327EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/07/08 8:30 p.m.•16 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java

Summary There are multiple vulnerabilities in Java used by IBM Cloud Transformation Advisor CVE-2021-46877, CVE-2021-0341, CVE-2021-35515, CVE-2021-35516, CVE-2024-30172. Vulnerability Details CVEID:CVE-2021-46877 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, cause...

7.5CVSS7.9AI score0.0174EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/06/26 2:14 p.m.•28 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor CVE-2024-27983, CVE-2024-27980, CVE-2024-22329, CVE-2024-27982, CVE-2024-22354, CVE-2024-4068. Vulnerability Details CVEID:CVE-2024-27983 DESCRIPTION: Node.j...

8.2CVSS8.9AI score0.75933EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2024/06/26 11:49 a.m.•15 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a denial of service due to a module used in node

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor IBM X-Force ID: 294242. Vulnerability Details IBM X-Force ID: 294242 DESCRIPTION: Node.js Axios module is vulnerable to a denial of service, caused by a prototype pollution in the...

7.9AI score

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/26 11:45 a.m.•17 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to weaker than expected security for outbound TLS connections due to WebSphere Application Server Liberty

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor CVE-2023-50312. Vulnerability Details CVEID:CVE-2023-50312 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected...

6.5CVSS5.9AI score0.00032EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/26 11:42 a.m.•29 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to conduction of phishing attacks due to a web framework used in node

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor CVE-2024-29041. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect...

6.1CVSS6.6AI score0.00154EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/03/19 5:46 p.m.•43 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2024-21891 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by improper path traversal sequence sanitization. By using ...

9.8CVSS8.3AI score0.01642EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/02/20 11:21 a.m.•43 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a...

7.8CVSS9.9AI score0.00319EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2024/01/22 9:51 a.m.•17 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple Java security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality...

5.9CVSS6.2AI score0.00172EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/12/06 4:18 p.m.•52 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple Java and Node.js security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low...

9.8CVSS8.3AI score0.944EPSS

Exploits19Affected Software1

IBM Security Bulletins•added 2023/10/27 4:13 p.m.•36 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple Java security vulnerabilities listed herein Vulnerability Details CVEID: CVE-2023-4759 DESCRIPTION: Eclipse JGit could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of case insensitive...

8.8CVSS8.4AI score0.01216EPSS

Exploits5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by