Lucene search
K

607 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/26 11:13 a.m.42 views

Security Bulletin: There is a vulnerability in AWS SDK for Java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-31159)

Summary There is a vulnerability in AWS SDK for Java used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw ...

7.9CVSS6.7AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 7:0 p.m.43 views

Security Bulletin: PyTorch is vulnerable to CVE-2022-45907 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses PyTorch which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-45907 DESCRIPTION: PyTorch could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the...

9.8CVSS6.3AI score0.02789EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 6:16 p.m.41 views

Security Bulletin: Setuptools is vulnerable to CVE-2022-40897 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses setuptools which is vulnerable to CVE-2022-40897. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially...

5.9CVSS6.3AI score0.02617EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 6:14 p.m.63 views

Security Bulletin: Loader-utils is vulnerable to CVE-2022-37603 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses loader-utils which is vulnerable to CVE-2022-37603. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the...

7.5CVSS8.2AI score0.02029EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:37 p.m.31 views

Security Bulletin: WebSphere Application Server Liberty is vulnerable to CVE-2022-3509 and CVE-2022-3171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2022-3509 and CVE-2022-3171. Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in...

7.5CVSS6.3AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/09 2:35 p.m.23 views

Security Bulletin: IBM WebSphere Application Server Liberty and Open Liberty is vulnerable to CVE-2022-22475 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty and Open Liberty which is vulnerable to CVE-2022-22475. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0....

6.5CVSS5.7AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:38 p.m.22 views

Security Bulletin: Ansi-html is vulnerable to CVE-2021-23424 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite - Monitor Component uses the package ansi-html which is vulnerable to CVE-2021-23424. Vulnerability Details CVEID:CVE-2021-23424 DESCRIPTION: Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS...

7.5CVSS7.4AI score0.01981EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:27 p.m.52 views

Security Bulletin: Apache Log4j is vulnerable to CVE-2021-45105 and CVE-2021-45046 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Apache Log4j which is vulnerable to CVE-2021-45105 and CVE-2021-45046. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled...

10CVSS9.5AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:20 p.m.33 views

Security Bulletin: Node-forge is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses node-forge which is vulnerable to security CVEs. Vulnerability Details CVEID:CVE-2022-24773 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature verification...

7.5CVSS6.3AI score0.01015EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/04 6:54 p.m.41 views

Security Bulletin: Oracle Java SE is vulnerable to CVE-2022-21271 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Oracle Java SE which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-21271 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Libraries component could allow an unauthenticated attacker to...

5.3CVSS5.2AI score0.02789EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 9:10 p.m.54 views

Security Bulletin: There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42003, CVE-2022-42004)

Summary There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitiv...

7.5CVSS7.6AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 5:57 p.m.23 views

Security Bulletin: OAuthlib is vulnerable to CVE-2022-36087 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses OAuthlib which is vulnerable to CVE-2022-36087. Vulnerability Details CVEID:CVE-2022-36087 DESCRIPTION: OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using IPV6 URI, a remote...

6.5CVSS5.9AI score0.01258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 5:56 p.m.35 views

Security Bulletin: FasterXML jackson-databind is vulnerable to CVE-2022-42003 and CVE-2022-42004 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses FasterXML jackson-databind which is vulnerable to CVE-2022-42003 and CVE-2022-42004. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive valu...

7.5CVSS7.4AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 5:53 p.m.95 views

Security Bulletin: Python Packaging Authority (PyPA) Wheel is vulnerable to CVE-2022-40898 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Python Packaging Authority PyPA Wheel which is vulnerable to CVE-2022-40898. Vulnerability Details CVEID:CVE-2022-40898 DESCRIPTION: Python Packaging Authority PyPA Wheel is vulnerable to a denial of service. A remote attacker could exploit this...

7.5CVSS7.3AI score0.02659EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/20 7:53 p.m.27 views

Security Bulletin: Python is vulnerable to CVE-2022-26488 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Python which is vulnerable to CVE-2022-26488 Vulnerability Details CVEID:CVE-2022-26488 DESCRIPTION: Python could allow a local authenticated attacker to gain elevated privileges on the system, caused by an issue when the search path is inadequately...

7CVSS6.9AI score0.01365EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/19 7:44 p.m.32 views

Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite

Summary Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-35517 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when...

7.5CVSS7.6AI score0.13292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/17 1:11 p.m.62 views

Security Bulletin: There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25881)

Summary There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a...

7.5CVSS6.9AI score0.01613EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/05 8:33 p.m.43 views

Security Bulletin: decode-uri-component is vulnerable to CVE-2022-38900 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses decode-uri-component which is vulnerable to CVE-2022-38900. Vulnerability Details CVEID:CVE-2022-38900 DESCRIPTION: decode-uri-component is vulnerable to a denial of service, caused by improper input validation by the decodeComponents function. By sending...

7.5CVSS6.8AI score0.24928EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 9:7 p.m.54 views

Security Bulletin: There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-37734)

Summary There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-37734 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By sending a...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 9:35 a.m.28 views

Security Bulletin: There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25927)

Summary There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25927 DESCRIPTION: Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression...

7.5CVSS6.2AI score0.01725EPSS
Exploits2Affected Software1
Rows per page
Query Builder