Lucene search
K

72 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-27476

Malicious code in bioql PyPI...

5.3CVSS4.8AI score0.00726EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-7977

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00495EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27475

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00545EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:16 a.m.41 views

Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.

Summary BAYEUXBROWSER cookie is generated from Cometd Server and it remains live with the session. In older versions of cometd server, BAYEUXBROWSER cookie was neither true for https nor for secure. But in the current version ie. 5.0.3, there is a provision to make the cookie true for https and...

5.3CVSS4.1AI score0.00726EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/31 2:39 p.m.40 views

Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

7.5CVSS6.2AI score0.00848EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/27 4:20 p.m.29 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU plus CVE-2023-33850

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

7.5CVSS7.3AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 4:58 p.m.19 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2023 - Includes Oracle October 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

6.7AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 6:29 a.m.26 views

Security Bulletin: Cross-Site Scripting Attacks (XSS) on Service Portal

Summary The Service Portal web application delivers data to its users along with other trusted dynamic content, without validating it. The regex-based input HTML replacement may turn sanitized code into un-sanitized code. Vulnerability Details Refer to the security bulletins listed in the...

6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 7:47 p.m.21 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2023 - Includes Oracle April 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

6.7AI score
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/12 1:21 p.m.70 views

Security Bulletin: Apache POI up to 4.1.0 allows an attacker while converting user-provided document to XML

Summary In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker​​. Vulnerability Details CVEID:CVE-2019-12415 DESCRIPTION: Apache POI could allow a remote attacker to obtain sensitive...

5.5CVSS7.6AI score0.0099EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/12 1:16 p.m.65 views

Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack

Summary Apache Commons HttpClient 3.x and few others used do not verify the server hostname in the subject Common Name CN and allows Man-In-The-Middle MITM attack Vulnerability Details CVEID:CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service FPS...

5.8CVSS6.5AI score0.19312EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.25 views

Security Bulletin: IBM Maximo Asset Management contains a vulnerability that could allow a remote authenticated user to view ticket worklog entries that they should not have access to (CVE-2015-5016)

Summary IBM Maximo Asset Management contains a vulnerability that could allow a remote authenticated user to view ticket worklog entries that they should not have access to. This vulnerability could allow a local attacker to obtain sensitive information. The vulnerability affects Maximo Asset...

4.3CVSS4.1AI score0.00993EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.21 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-2017)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

4.3CVSS7.4AI score0.01876EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.17 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1501)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

5.9CVSS5.8AI score0.02033EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.19 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1121)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

5.4CVSS5.5AI score0.00879EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1151)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

8.1CVSS8AI score0.02237EPSS
Exploits0Affected Software14
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.33 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2016-3426, CVE-2016-3427)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

10CVSS7.9AI score0.92334EPSS
Exploits1Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.18 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1137)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

8.1CVSS7.9AI score0.01881EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.20 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting, caused by improper validation of user-supplied input (CVE-2016-0399)

Summary IBM Maximo Asset Management is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the a specially-crafted URL to execute script in a victim's Web browser within the security context of the...

5.4CVSS5.5AI score0.00622EPSS
Exploits0Affected Software14
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.18 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1504)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

6.5CVSS6.6AI score0.00944EPSS
Exploits0Affected Software15
Rows per page
Query Builder