Lucene search
K

2905 matches found

Nuclei
Nuclei
added 2 days ago173 views

IBM Maximo Asset Management Information Disclosure - XML External Entity Injection

IBM Maximo Asset Management is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. id: CVE-2020-4463 info: name: IBM Maximo Asset Management Information...

8.2CVSS7AI score0.3159EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/07 1:50 p.m.3 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Scheduler Optimizer uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in...

7.5CVSS6AI score0.00486EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 7:44 a.m.8 views

Security Bulletin: Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515.

Summary Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515. This bulletin contains information regarding the vulnerability and its...

9.8CVSS5.9AI score0.01339EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 7:44 a.m.4 views

Security Bulletin: IBM Maximo Application Suite uses ip-address-10.1.0.tgz and fast-xml-builder-1.1.5.tgz which are vulnerable to CVE-2026-44664, CVE-2026-44665 and CVE-2026-42338.

Summary IBM Maximo Application Suite uses ip-address-10.1.0.tgz and fast-xml-builder-1.1.5.tgz which are vulnerable to CVE-2026-44664, CVE-2026-44665 and CVE-2026-42338. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-42338...

8.1CVSS5.5AI score0.00471EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 3:55 p.m.8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338

Summary IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338. This bulletin contains information regarding the vulnerability and its remediation Vulnerability Details CVEID:CVE-2026-42338 DESCRIPTION: ip-address is a library f...

8.1CVSS6.6AI score0.00471EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:12 p.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432

Summary IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION:...

8.9CVSS6.1AI score0.0068EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 1:4 p.m.8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892

Summary IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...

9.8CVSS6.2AI score0.00652EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 10:54 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses ws-8.17.1 in inspections application which is vulnerable to CVE-2026-45736

Summary IBM Maximo Application Suite - Manage Component uses ws-8.17.1 in inspections application which is vulnerable to CVE-2026-45736. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-45736 DESCRIPTION: ws is an open source...

7.5CVSS5.8AI score0.00745EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 8:1 a.m.3 views

Security Bulletin: There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-44431)

Summary There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followe...

8.9CVSS5.8AI score0.0068EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 10:3 a.m.15 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-40192

Summary IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-40192, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40192 DESCRIPTION: Pillow is a Python imaging...

8.7CVSS7.3AI score0.00671EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 3:44 p.m.5 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033

Summary IBM Maximo Scheduler Optimizer uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

7.5CVSS7.7AI score0.00808EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 2:8 p.m.6 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867

Summary IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time...

7.5CVSS5.5AI score0.00496EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 12:21 p.m.9 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses dompurify-3.2.4.tgz which is vulnerable to CVE-2025-15599, CVE-2026-0540

Summary IBM Maximo Scheduler Optimizer uses dompurify-3.2.4.tgz which is vulnerable to CVE-2025-15599, CVE-2026-0540. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-15599 DESCRIPTION: DOMPurify 3.1.3 through 3.2.6 and 2.5.3...

6.1CVSS7.4AI score0.0034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 2:54 p.m.9 views

Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty which is vulnerable to CVE-2026-3621.

Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty which is vulnerable to CVE-2026-3621. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-3621 DESCRIPTION: IBM WebSphere Application Server - Liberty...

7.5CVSS5.8AI score0.00276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 7:21 a.m.15 views

Security Bulletin: IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449

Summary IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-3449 DESCRIPTION: Versions of the package @tootallnate/once before 3.0.1 are vulnerab...

4.8CVSS5.8AI score0.00112EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 7:19 a.m.19 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses pytest-9.0.2-py3-none-any.whl, WebSphere Application Server Liberty, dompurify-3.2.7.tgz, requests-2.32.5-py3-none-any.whl, yaml-1.10.2.tgz, brace-expansion-1.1.12.tgz and dompurify-3.3.2.tgz which are vulnerable to CVE-2025-71176, CVE-2025-14923,...

9.8CVSS6.9AI score0.0047EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 7:18 a.m.24 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses minimatch-3.0.5.tgz, OpenTelemetry Go SDK, jaraco.context, IBM WebSphere Application Server Liberty, picomatch-2.3.1.tgz, path-to-regexp-0.1.12.tgz, lodash-4.17.23.tgz, pillow-12.1.1-cp311-cp311-manylinux227x8664.manylinux228x8664.whl,...

9.8CVSS7.5AI score0.01735EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:59 p.m.10 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a prototype pollution vulnerability used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-29063)

Summary There is a vulnerability in IBM WebSphere Application Server Liberty i used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3,...

9.8CVSS5.7AI score0.00978EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 12:17 p.m.12 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, axios-1.13.5.tgz, protobufjs-7.3.2.tgz and axios-1.15.0.tgz which are vulnerable to CVE-2026-34073, CVE-2026-39892, CVE-2025-62718, CVE-2026-40175, PSIRT-WS-2026-0004, CVE-2026-41242, CVE-2026-42033,...

7.5CVSS6.2AI score0.00808EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 9:1 a.m.10 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

9.8CVSS6.8AI score0.00978EPSS
Exploits1Affected Software1
Rows per page
Query Builder