Lucene search
+L

196 matches found

Vulnrichment
Vulnrichment
added 2024/08/14 1:45 p.m.18 views

CVE-2024-27461

Incorrect default permissions in software installer for IntelR MAS GUI may allow an authenticated user to potentially enable denial of service via local access...

5.6CVSS6.6AI score0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/14 1:45 p.m.30 views

CVE-2024-27461

Incorrect default permissions in software installer for IntelR MAS GUI may allow an authenticated user to potentially enable denial of service via local access...

5.6CVSS0.00129EPSS
Exploits0References1
Intel
Intel
added 2024/08/13 12:0 a.m.16 views

Intel® MAS (GUI) Software Advisory

Summary: A potential security vulnerability in Intel® Memory and Storage Tool GUI Intel® MAS may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-27461 Description: Incorrect default permissions in softwa...

5.6CVSS6.7AI score0.00129EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/15 7:19 a.m.24 views

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords OTPs for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore MAS and the...

7.6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/12 8:39 a.m.30 views

Security Bulletin: IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025

Summary IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION...

5.3CVSS5.7AI score0.0138EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/12 8:39 a.m.21 views

Security Bulletin: IBM Maximo Application Suite - There is a vulnerability in WebSphere Application Server Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-22329)

Summary There is a vulnerability in WebSphere Application Server Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-22329 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...

4.3CVSS5.4AI score0.00302EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/12 3:47 p.m.25 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure (CVE-2024-22333)

Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure. Vulnerability Details CVEID:CVE-2024-22333 DESCRIPTION: IBM Maximo Asset Management allows web pages to be stored locally which can be read by another user on the system. CVSS...

3.3CVSS3.4AI score0.0018EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/05/30 4:15 p.m.2 views

DEBIAN-CVE-2024-36891

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix masemptyarearev null pointer dereference Currently the code calls masstart followed by masdataend if the maple state is MASTART, but masstart may return with the maple state node == NULL. This will lead to a null...

5.5CVSS5.7AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2024/05/30 4:15 p.m.11 views

AZL-42474 CVE-2024-36891 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix masemptyarearev null pointer dereference Currently the code calls masstart followed by masdataend if the maple state is MASTART, but masstart may return with the maple state node == NULL. This will lead to a null...

5.5CVSS6.4AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2024/05/30 4:15 p.m.4 views

UBUNTU-CVE-2024-36891

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix masemptyarearev null pointer dereference Currently the code calls masstart followed by masdataend if the maple state is MASTART, but masstart may return with the maple state node == NULL. This will lead to a null...

5.5CVSS6.5AI score0.00227EPSS
Exploits0References11
OSV
OSV
added 2024/05/30 3:15 p.m.5 views

DEBIAN-CVE-2024-36019

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcachemapledrop When keeping the upper end of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e. max - mas.index. The code was...

7.1CVSS6AI score0.0024EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 8:44 p.m.26 views

Security Bulletin: There is a vulnerability in AntiSamy 1.7.4 used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-23635)

Summary There is a vulnerability in AntiSamy 1.7.4 used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-23635 DESCRIPTION: AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker...

6.1CVSS6.4AI score0.00368EPSS
Exploits0Affected Software1
Openbugbounty
Openbugbounty
added 2024/04/11 8:15 a.m.9 views

mas-masia.com Cross Site Scripting vulnerability OBB-3914942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/09 7:59 p.m.43 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-22036, CVE-2023-22006, CVE-2023-22041, CVE-2023-22049 and CVE-2023-22045)

Summary Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-22036 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow a remo...

5.1CVSS5.5AI score0.01316EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/05 3:27 p.m.35 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite may be affected by XML External Entity (XXE) attack (CVE-2024-27266)

Summary IBM Maximo Manage application in IBM Maximo Application Suite may be affected by XML External Entity XXE attack. Vulnerability Details CVEID:CVE-2024-27266 DESCRIPTION: IBM Maximo Application Suite is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A...

8.2CVSS8.2AI score0.00847EPSS
Exploits0Affected Software1
Openbugbounty
Openbugbounty
added 2024/04/05 8:58 a.m.3 views

mas-anton.com Cross Site Scripting vulnerability OBB-3904788

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.19 views

CVE-2023-36483 MAS (a Carrier brand) MASmobile Classic Authorization Bypass

Authorization bypass can be achieved by session ID prediction in MASmobile Classic Android version 1.16.18 and earlier and MASmobile Classic iOS version 1.7.24 and earlier which allows remote attackers to retrieve sensitive data including customer data, security system status, and event history...

6.5CVSS6.5AI score0.00495EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/12 6:53 p.m.14 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure (CVE-2023-32335)

Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure. Vulnerability Details CVEID:CVE-2023-32335 DESCRIPTION: IBM Maximo Asset Management stores sensitive information in URL parameters. This may lead to information disclosure if...

7.5CVSS3.4AI score0.00503EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/29 1:40 p.m.43 views

Security Bulletin: There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462 and CVE-2023-44487)

Summary There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel...

7.5CVSS7.9AI score0.99999EPSS
Exploits21Affected Software1
NVD
NVD
added 2024/02/14 2:16 p.m.29 views

CVE-2023-41090

Race condition in some IntelR MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access...

6.4CVSS4.2AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder