CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-4113

Malware in sbrugna...

6.8CVSS6.8AI score0.00113EPSS

Exploits0References3

IBM Security Bulletins•added 2021/09/20 4:51 p.m.•20 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by WebSphere Application Server is vulnerable to a directory traversal vulnerability

Summary IBM Security Privileged Identity Manager has addressed a WebSphere Application Server is vulnerable to a Directory Traversal vulnerability. Vulnerability Details CVEID: CVE-2020-5016 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to...

6.5CVSS1.8AI score0.00208EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/08/16 7:1 a.m.•60 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2020-1971, CVE-2020-15999, CVE-2017-12652)

Summary IBM Security Privileged Identity Manager has addressed several security issues as follows. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, an...

9.8CVSS8.2AI score0.93031EPSS

Exploits5Affected Software1

IBM Security Bulletins•added 2021/08/04 5:40 p.m.•30 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2020-25684, CVE-2020-25685, CVE-2020-25686)

Summary IBM Security Privileged Identity Manager has addressed issues for dnsmasq as follows. Vulnerability Details CVEID: CVE-2020-25684 DESCRIPTION: dnsmasq is vulnerable to dns cache poisoning, caused by the failure to validate the combination of address/port and the query-id fields of DNS...

4.3CVSS0.7AI score0.00549EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2021/08/04 7:43 a.m.•16 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by vulnerability in CVE-2020-14782 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary IBM Security Privileged Identity Manager has addressed a command execution vulnerability in Java SE related to the Libraries component Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an...

4.3CVSS3.1AI score0.00144EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/03/15 6:36 a.m.•42 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by remote code execution (CVE-2020-4450)

Summary IBM Security Privileged Identity Manager has addressed an issue for WebSphere Application Server which is vulnerable to a Remote Command Execution vulnerability. Vulnerability Details CVEID: CVE-2020-4450 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a...

10CVSS3.9AI score0.71859EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/03/09 9:29 a.m.•33 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by an information disclosure (CVE-2020-4329)

Summary IBM Security Privileged Identity Manager has addressed an issue for Information disclosure in WebSphere Application Server - Liberty. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could all...

4.3CVSS2.1AI score0.00208EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/03/09 8:46 a.m.•26 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by an information disclosure vulnerability (CVE-2020-4449)

Summary IBM Security Privileged Identity Manager has addressed an issue for WebSphere Application Server traditional is vulnerable to a Information Disclosure vulnerability. Vulnerability Details CVEID: CVE-2020-4449 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional...

7.5CVSS2.2AI score0.00573EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/01/13 12:24 p.m.•35 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

Summary IBM Security Privileged Identity Manager has addressed an issue for ICU as follows. Vulnerability Details CVEID: CVE-2020-10531 DESCRIPTION: International Components for Unicode ICU for C/C++ is vulnerable to a heap-based buffer overflow, caused by an integer overflow in...

8.8CVSS2.9AI score0.0079EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2020/08/31 2:28 p.m.•34 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

Summary IBM Security Privileged Identity Manager has addressed an issue for nss-softokn as follows. Vulnerability Details CVEID: CVE-2019-11745 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system,...

8.8CVSS2.7AI score0.00939EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 10:1 p.m.•42 views

Security Bulletin: Multiple Security Vulnerabilities fixed in Java shipped as a component of IBM Security Privileged Identity Manager

Summary There are several Security Vulnerabilities in the Java runtime that are fixed and shipped with IBM Security Privileged Identity Manager. Vulnerability Details CVEID: CVE-2016-5548 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Libraries...

7.5CVSS1.2AI score0.40993EPSS

Exploits7Affected Software1

NVD•added 2016/09/26 4:59 a.m.•8 views

CVE-2016-5957

IBM Security Privileged Identity Manager ISPIM Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by leveraging a weak algorithm...

7.5CVSS7.2AI score0.00267EPSS

Exploits0References2

Prion•added 2016/09/26 4:59 a.m.•10 views

Code injection

IBM Security Privileged Identity Manager ISPIM Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which allows remote authenticated users to execute arbitrary code via unspecified vectors...

6.5CVSS7.6AI score0.01767EPSS

Exploits0References2Affected Software1

CVE•added 2016/09/26 1:0 a.m.•43 views

CVE-2016-3040

CVE-2016-3040 is an Open Redirect vulnerability in IBM WebSphere Application Server Liberty. IBM bulletins show it can enable phishing by redirecting users to arbitrary sites and note it affects WAS Liberty in various IBM products (e.g., Spectrum Control/Tivoli Storage Productivity Center, Messag...

6.8CVSS6.4AI score0.00113EPSS

Exploits0References2Affected Software1

Cvelist•added 2016/09/26 1:0 a.m.•25 views

CVE-2016-3040

IBM WebSphere Application Server WAS Liberty, as used in IBM Security Privileged Identity Manager ISPIM Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.1AI score0.00113EPSS

Exploits0References2

CVE•added 2016/09/26 1:0 a.m.•34 views

CVE-2016-5972

CVE-2016-5972 affects IBM Security Privileged Identity Manager Virtual Appliance 2.0.x prior to 2.0.2 FP8, where permissions on a security‑critical resource are configured so that read/modify access can be obtained by unintended actors. Root cause: weak permissions on the resource. Impact per sou...

6.8CVSS6.3AI score0.00117EPSS

Exploits0References2Affected Software1

CVE•added 2016/09/26 1:0 a.m.•39 views

CVE-2016-5963

Summary: CVE-2016-5963 affects IBM Security Privileged Identity Manager Virtual Appliance 2.0.x prior to 2.0.2 FP8. The issue arises because updates, image backups and other patches are not adequately verified for origin/integrity, enabling an authenticated remote user to execute arbitrary code v...

8.8CVSS8.4AI score0.01767EPSS

Exploits0References2Affected Software1

CVE•added 2016/09/26 1:0 a.m.•35 views

CVE-2016-5971

IBM Security Privileged Identity Manager Virtual Appliance 2.x prior to 2.0.2 FP8 is affected by an XXE issue in XML processing that allows a remote authenticated user to read arbitrary files or cause memory exhaustion. The vulnerability is tied to XML External Entity processing in ISPIM Virtual ...

7.1CVSS6.8AI score0.00407EPSS

Exploits0References2Affected Software1

CVE•added 2016/09/26 1:0 a.m.•41 views

CVE-2016-5974

The CVE-2016-5974 entry concerns a cross-site scripting (XSS) vulnerability in the IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance Web UI. According to the provided sources, remote authenticated users could inject arbitrary JavaScript/HTML via an embedded string in the Web UI. ...

5.4CVSS5.3AI score0.00168EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by