Lucene search
+L

366 matches found

cnnvd
cnnvd
added 2025/07/23 12:0 a.m.5 views

IBM Operations Analytics-Log Analysis 安全漏洞

IBM Operations Analytics-Log Analysis is a suite of semi-structured data analysis solutions from International Business Machines IBM. The product is primarily used for application log analysis and problem diagnosis, among other things. A security vulnerability exists in IBM Operations Analytics-L...

5.5CVSS6.5AI score0.00116EPSS
Exploits0References1
ibm
ibm
added 2025/07/22 6:7 p.m.9 views

Security Bulletin: Host Header Injection Vulnerability in IBM Operations Analytics - Log Analysis (CVE-2024-40686)

Summary Host header vulnerability in IBM Operations Analytics - Log Analysis allows remote attackers to execute scripts within the application context via remote file inclusion. This has been addressed. Vulnerability Details CVEID:CVE-2024-40686 DESCRIPTION: IBM SmartCloud Analytics - Log Analysi...

6.1CVSS6.7AI score0.00179EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/07/22 4:57 p.m.18 views

Security Bulletin: A Function Level Control vulnerability in IBM Operations Analytics - Log Analysis (CVE-2024-41751)

Summary A privilege escalation vulnerability exists in IBM Operations Analytics - Log Analysis. It allows low-privilege users to change the password of high-privilege accounts through intercepting the request. This has been addressed. Vulnerability Details CVEID:CVE-2024-41751 DESCRIPTION: IBM...

5.5CVSS6.9AI score0.00116EPSS
Exploits0Affected Software1
ncsc
ncsc
added 2025/07/18 9:51 a.m.8 views

Vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway

Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. The vulnerability with reference CVE-2025-5777 involves an Out-of-Bounds Read. This vulnerability arises from insufficient input validation in systems configured as Gateway services. These include VPN virtual servers, ICA...

9.8CVSS8.9AI score0.9987EPSS
Exploits21References5
githubexploit
githubexploit
added 2025/07/04 9:13 p.m.544 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2025-5777-CitrixBleed CitrixBleed-2 CVE-2025-5777 – proo...

9.3CVSS8.3AI score0.9987EPSS
Exploits18
packetstormnews
packetstormnews
added 2025/06/18 12:0 a.m.4 views

Trustworthy Artificial Intelligence for Cyber Threat Analysis

Artificial Intelligence brings innovations into the society. However, bias and unethical exist in many algorithms that make the applications less trustworthy. Threats hunting algorithms based on machine learning have shown great advantage over classical methods. Reinforcement learning models are...

6.9AI score
Exploits0
citrix
citrix
added 2025/05/30 12:0 a.m.17 views

NetScaler-13.1-EPA scan failed with "Error while parsing client security configuration"

EPA scan failed with "Error while parsing client security configuration" in EPA log. ---------------------------- 2025-02-19 09:03:50.706 | 21708 | DEBUG | D | PRE AUTH EPA | token: |^M 2025-02-19 09:03:50.706 | 21708 | DEBUG | D | PRE AUTH EPA | Policy MACADDRanyofF8BXXXXXX28A returned 2004 |^M...

7.2AI score
Exploits0
ibm
ibm
added 2025/05/23 7:19 a.m.5 views

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2025-23184, CVE-2025-25193)

Summary Vulnerabilities in the Apache CXF and Netty libraries affect IBM WebSphere Application Server Liberty, which is shipped in IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of...

7.5CVSS5.8AI score0.01941EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2025/05/22 11:55 p.m.10 views

CVE-2022-4336

In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature...

5.4CVSS6.2AI score0.00334EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 5:11 p.m.9 views

CVE-2020-8446

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to path traversal with write access via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user...

5.5CVSS6.7AI score0.00504EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 5:3 p.m.7 views

CVE-2020-8442

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...

8.8CVSS7.2AI score0.02385EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 3:42 p.m.9 views

CVE-2020-8447

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

9.8CVSS6.8AI score0.01939EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 3:42 p.m.7 views

CVE-2020-8444

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of ossec-alert formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

9.8CVSS6.8AI score0.02489EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 3:42 p.m.8 views

CVE-2020-8443

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...

9.8CVSS7.3AI score0.02685EPSS
Exploits2References1
nvd
nvd
added 2025/05/01 1:15 p.m.15 views

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS0.00176EPSS
Exploits0References10
ibm
ibm
added 2025/04/28 10:59 a.m.27 views

Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)

Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...

7.5CVSS7.3AI score0.00682EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/04/28 9:21 a.m.31 views

Security Bulletin: Denial of Service in Apache Commons Compress used by Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2024-25710, CVE-2024-26308)

Summary There is a potential denial of service in Apache Commons Compress that is used by Apache Solr and IBM Operations Analytics - Log Analysis. This is caused by loop with unreachable exit condition and allocation of resources without limits. Vulnerability Details CVEID:CVE-2024-25710...

8.1CVSS6.9AI score0.00898EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/04/14 10:22 a.m.25 views

Security Bulletin: Vulnerability in Apache Solr (lucene), Apache ZooKeeper and Logstash affect IBM Operations Analytics - Log Analysis (CVE-2024-9823, CVE-2024-47554)

Summary There is a potential denial of service with Apache Commons IO, Eclipse Jetty that affect Apache Solr lucene, Apache ZooKeeper and Logstash used by IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-9823 DESCRIPTION: There exists a security vulnerability in Jetty'...

7.5CVSS6.8AI score0.01241EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/04/14 8:13 a.m.24 views

Security Bulletin: Multiple vulnerabilities in Apache Solr (lucene) affects IBM Operations Analytics - Log Analysis (CVE-2023-50386, CVE-2023-50298, CVE-2023-50292, CVE-2023-50291)

Summary There are vulnerabilities in backup/restore APIs, Solr streaming expressions, and Apache Solr schema designer that affect Apache Solr used by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2023-50386 DESCRIPTION: Improper Control of Dynamically-Managed Code...

8.8CVSS7.5AI score0.8384EPSS
Exploits4Affected Software1
nessus
nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-52761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: VMAPSTACK overflow detection thread-safe commit 31da94c25aea riscv: add VMAPSTACK overflow detection added support for CONFIGVMAPSTACK. If overflow is...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References3
Rows per page
Query Builder