Lucene search
K

607 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 7:16 p.m.46 views

Security Bulletin: Apache Tomcat is vulnerable to CVE-2023-41080 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Apache Tomcat, which is vulnerable to CVE-2023-41080. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-41080 DESCRIPTION: Apache Tomcat could allow a remote attacker to condu...

6.1CVSS6.7AI score0.05972EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 7:15 p.m.6 views

Security Bulletin: Tornado is vulnerable to 263690 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses tornado, which is vulnerable to 263690. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details IBM X-Force ID: 263690 DESCRIPTION: Tornado Web Server is vulnerable to HTTP request smuggling, caus...

6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 7:12 p.m.37 views

Security Bulletin: JSON-java is vulnerable to CVE-2023-5072 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses JSON-java, which is vulnerable to CVE-2023-5072. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by ...

7.5CVSS7.4AI score0.01449EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 5:53 p.m.13 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-38737 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-38737. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-38737 DESCRIPTION: IBM WebSphere Application...

7.5CVSS6.6AI score0.00792EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 5:52 p.m.23 views

Security Bulletin: Pydash is vulnerable to CVE-2023-26145 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses pydash, which is vulnerable to CVE-2023-26145. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-26145 DESCRIPTION: Python pydash package could allow a remote attacker to...

8.1CVSS8AI score0.02919EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 5:48 p.m.30 views

Security Bulletin: Urllib3 is vulnerable to CVE-2023-43804 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-43804. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obta...

8.1CVSS6.9AI score0.01207EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/28 8:56 p.m.26 views

Security Bulletin: Systeminformation is vulnerable to CVE-2023-42810 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses systeminformation which is vulnerable to CVE-2023-42810. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-42810 DESCRIPTION: systeminformation could allow a remote attacker ...

9.8CVSS8.4AI score0.01837EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/21 1:24 p.m.30 views

Security Bulletin: There is a vulnerability in jetty-http-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-26049)

Summary There is a vulnerability in jetty-http-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite CVE-2023-26049 Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive informatio...

5.3CVSS5.4AI score0.013EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/21 1:18 p.m.59 views

Security Bulletin: There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-26049)

Summary There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite CVE-2023-26049 Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in...

5.3CVSS5.5AI score0.0326EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/27 2:32 p.m.73 views

Security Bulletin: There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453)

Summary There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-34455 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk...

7.5CVSS6.9AI score0.01762EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/26 8:44 p.m.44 views

Security Bulletin: There is a vulnerability in netty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462)

Summary There is a vulnerability in netty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel during the TLS...

6.5CVSS7AI score0.02459EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/27 2:14 p.m.45 views

Security Bulletin: The Bouncy Castle Crypto Package For Java (bc-java) component is vulnerable to CVE-2023-33201 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses The Bouncy Castle Crypto Package For Java bc-java package which is vulnerable to CVE-2023-33201. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...

5.3CVSS6.3AI score0.00772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/26 6:33 p.m.46 views

Security Bulletin: VMware Tanzu Spring for Apache Kafka is vulnerable to CVE-2023-34040 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring for Apache Kafka which is vulnerable to CVE-2023-34040. Vulnerability Details CVEID:CVE-2023-34040 DESCRIPTION: VMware Tanzu Spring for Apache Kafka could allow a local authenticated attacker to execute arbitrary co...

7.8CVSS7AI score0.02162EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/26 6:31 p.m.43 views

Security Bulletin: Certifi is vulnerable to CVE-2023-37920 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Certifi which is vulnerable to CVE-2023-37920. Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in Certifi has an unknown impact and attack vector. CVSS Base scor...

9.8CVSS8.5AI score0.00468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/26 6:26 p.m.51 views

Security Bulletin: Okio GzipSource is vulnerable to CVE-2023-3635 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Okio GzipSource which is vulnerable to CVE-2023-3635. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2023/09/08 12:0 a.m.5 views

IBM Maximo Application Suite Cross-Site Scripting Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite version 8.9, version 8.10, and IBM Maxim...

5.4CVSS6.9AI score0.00493EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/09/08 12:0 a.m.5 views

PT-2023-23733 · Ibm · Ibm Maximo Application Suite +1

Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.9 through 8.10 IBM Maximo Asset Management versions 7.6.1.2 through 7.6.1.3 Description: A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web...

5.4CVSS5.3AI score0.00493EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:21 p.m.45 views

Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite ( CVE-2023-32697)

Summary There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-32697 DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDB...

9.8CVSS9.2AI score0.01592EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/06 5:51 p.m.48 views

Security Bulletin: Jettison component is vulnerable to CVE-2022-45685 and CVE-2022-45693 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Jettison package which is vulnerable to CVE-2022-45685 and CVE-2022-45693. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending an overly long string usi...

7.5CVSS7.6AI score0.01395EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/01 9:1 p.m.33 views

Security Bulletin: Google Guava component is vulnerable to CVE-2023-2976 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Google Guava package which is vulnerable to CVE-2023-2976. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary...

7.1CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
Rows per page
Query Builder