Lucene search
K

65 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/09/06 8:38 a.m.25 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature.(CVE-2024-22353)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...

7.5CVSS7.7AI score0.00818EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 8:54 p.m.22 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2023-50313)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

6.5CVSS5.8AI score0.00177EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/27 4:20 p.m.29 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU plus CVE-2023-33850

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

7.5CVSS7.3AI score0.01026EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/07/13 12:0 a.m.12 views

Command Execution Vulnerabilities in Various Products of Beijing StarNet Ruijie Network Technology Company Limited (CNVD-2023-68249)

Beijing StarNet Ruijie Network Technology Co., Ltd. is an ICT infrastructure and industry solutions provider. A command execution vulnerability exists in various products of Beijing StarNet Ruijie Network Technology Co., Ltd. that can be exploited by attackers to gain server privileges...

7.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.22 views

Security Bulletin: Security Vulnerability in IBM WebSphere Application Server (CVE-2015-1920) affects Asset and Service Management

Summary A vulnerability in WebSphere Application Server could allow a remote attacker to execute arbitrary code by connecting to a management port and executing a specific sequence of instructions. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo...

10CVSS6.8AI score0.06885EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.25 views

Security Bulletin: IBM Maximo Asset Management contains a vulnerability that could allow a remote authenticated user to view ticket worklog entries that they should not have access to (CVE-2015-5016)

Summary IBM Maximo Asset Management contains a vulnerability that could allow a remote authenticated user to view ticket worklog entries that they should not have access to. This vulnerability could allow a local attacker to obtain sensitive information. The vulnerability affects Maximo Asset...

4.3CVSS4.1AI score0.00993EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.15 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1380)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

5.4CVSS5.6AI score0.01049EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.36 views

Security Bulletin: Security vulnerabilities have been identified in IBM® DB2® shipped with Asset and Service Management (CVE-2013-6747, CVE-2014-0963)

Summary IBM DB2 is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities, Tivo...

7.1CVSS7.2AI score0.03077EPSS
Exploits1Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.28 views

Security Bulletin: IBM Maximo Asset Management installs with a default administrator account that a remote intruder could use to gain administrator access to the system. (CVE-2015-4966)

Summary IBM Maximo Asset Management installs with a default administrator account that a remote intruder could use to gain administrator access to the system. Vulnerability Details CVEID: CVE-2015-4966 DESCRIPTION: IBM Maximo Asset Management installs with a default administrator account that a...

6.5CVSS8.6AI score0.01527EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.20 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting, caused by improper validation of user-supplied input (CVE-2016-0399)

Summary IBM Maximo Asset Management is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the a specially-crafted URL to execute script in a victim's Web browser within the security context of the...

5.4CVSS5.5AI score0.00622EPSS
Exploits0Affected Software14
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.21 views

Security Bulletin: Potential denial of service may affect IBM HTTP Server on Windows (CVE-2015-1829), impacting Asset and Service Management

Summary There is a potential denial of service that may affect IBM HTTP Server on Windows CVE-2015-1829. To exploit the attack requires local access to the server system. The attack affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for...

5CVSS7.7AI score0.02552EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.20 views

Security Bulletin: IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser (CVE-2016-5896)

Summary IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser. Vulnerability Details CVEID: CVE-2016-5896 DESCRIPTION: IBM Maximo Asset Management could disclose sensitive information from a stack trace after...

5.3CVSS5AI score0.01029EPSS
Exploits0Affected Software8
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/06 8:45 p.m.44 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2022 - Includes Oracle April 2022 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

5.3CVSS2.8AI score0.03458EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/09 4:37 p.m.50 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2022 - Includes Oracle January 2022 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

7.1CVSS2.9AI score0.06868EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/12 10:52 p.m.83 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to Security/Authentication Bypass (CVE-2019-4591)

Summary IBM Maximo Asset Management is vulnerable to Security/Authentication Bypass. Vulnerability Details CVEID: CVE-2019-4591 DESCRIPTION: IBM Maximo Asset Management does not invalidate session after logout which could allow a local user to impersonate another user on the system. CVSS Base...

7.8CVSS1.1AI score0.0027EPSS
Exploits0Affected Software19
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/12 10:52 p.m.20 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site request forgery (CVE-2020-4526)

Summary IBM Maximo Asset Management is vulnerable to cross-site request forgery. Vulnerability Details CVEID: CVE-2020-4526 DESCRIPTION: IBM Maximo Asset Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted...

4.3CVSS1.1AI score0.00482EPSS
Exploits0Affected Software19
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/12 10:52 p.m.25 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to reverse tabnabbing (CVE-2020-4409)

Summary IBM Maximo Asset Management is vulnerable to reverse tabnabbing. Vulnerability Details CVEID: CVE-2020-4409 DESCRIPTION: IBM Maximo Asset Management could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted We...

8.2CVSS0.7AI score0.00893EPSS
Exploits0Affected Software19
CNVD
CNVD
added 2022/01/26 12:0 a.m.16 views

Construction Industry Solutions Conis Construction Cloud输入验证错误漏洞

Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. Construction Industry Solutions Conis Construction Cloud version 11.12 is vulnerable to an input validation error that could be exploited by an...

6.5CVSS2.6AI score0.01644EPSS
Exploits1
CNVD
CNVD
added 2022/01/26 12:0 a.m.21 views

Construction Industry Solutions Conis Construction Cloud Cross-Site Scripting Vulnerability (CNVD-2022-10776)

Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. that helps construction executives drive increased profitability across their business. Construction Industry Solutions Conis Construction Cloud ...

6.1CVSS1.2AI score0.01085EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/26 12:0 a.m.16 views

Construction Industry Solutions Conis Construction Cloud存在未明漏洞

Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A security vulnerability exists in Construction Industry Solutions Conis Construction Cloud due to a design or implementation impropriety in the...

8.8CVSS2.3AI score0.01506EPSS
Exploits1References1
Rows per page
Query Builder