Lucene search
K

607 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 9:32 a.m.32 views

Security Bulletin: There is a security vulnerability in Node.js create-choo-electron module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25908)

Summary There is a security vulnerability in Node.js create-choo-electron module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-25908 DESCRIPTION: Node.js create-choo-electron module could allow a remote attacker to execute arbitrary...

9.8CVSS8.8AI score0.01547EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/28 9:19 p.m.23 views

Security Bulletin: There are several vulnerabilities in TinyMCE used by IBM Maximo Manage application in IBM Maximo Application Suite

Summary There are several vulnerabilities in TinyMCE used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-23494 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote...

6.1CVSS6.3AI score0.00939EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 8:34 p.m.33 views

Security Bulletin: There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-31160)

Summary There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio...

6.1CVSS6.4AI score0.01933EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 8:8 p.m.57 views

Security Bulletin: Maximo Application Suite uses jsonwebtoken package which is vulnerable to CVE-2022-23541, CVE-2022-23539, CVE-2022-23529 and CVE-2022-23540

Summary There are four vulnerabilities in jsonwebtoken-8.5.1.tgz used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-23541 DESCRIPTION: Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure implementation of ke...

8.1CVSS7.5AI score0.00753EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 8:3 p.m.39 views

Security Bulletin: Maximo Application Suite is vulnerable to CVE-2022-40897 per setuptools dependency

Summary There is one vulnerability in setuptools-65.3.0-py3-none-any.whl used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially...

5.9CVSS6.3AI score0.02617EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/24 9:44 p.m.42 views

Security Bulletin: Maximo Application Suite is vulnerable to CVE-2022-42003 and CVE-2022-42004 per jackson-databind dependency

Summary There are two vulnerabilities in jackson-databind used by IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the...

7.5CVSS7.6AI score0.02824EPSS
Exploits3Affected Software1
OSV
OSV
added 2023/03/15 7:15 p.m.3 views

CVE-2022-46774

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953...

6.5CVSS5.8AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/15 6:21 p.m.19 views

CVE-2022-46774 IBM Manage Application security bypass

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953...

5.4CVSS6.3AI score0.00334EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/15 6:21 p.m.8 views

CVE-2022-46774 IBM Manage Application security bypass

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953...

5.4CVSS6.2AI score0.00334EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.7 views

IBM Maximo Application Suite 授权问题漏洞

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. an authorization issue vulnerability exists in IBM Maximo Application Suite versions 8.8.0 and 8.9.0,...

6.5CVSS6.6AI score0.00334EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 8:35 p.m.82 views

Security Bulletin: There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42920)

Summary There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds writ...

9.8CVSS9.7AI score0.02836EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/03/02 9:15 p.m.5 views

CVE-2022-35645

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4CVSS5.5AI score
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/02 8:47 p.m.48 views

Security Bulletin: There is a vulnerability in Node.js used IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-21681, CVE-2022-21680)

Summary There is a vulnerability in Node.js used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-21681 DESCRIPTION: Node.js marked module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in...

7.5CVSS7.3AI score0.02828EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/02 8:43 p.m.34 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to information disclosure (CVE-2022-43923)

Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to information disclosure. Vulnerability Details CVEID:CVE-2022-43923 DESCRIPTION: IBM Maximo Application Suite stores potentially sensitive information that could be read by a local user. CVSS Base score: 6.2 CVS...

6.2CVSS5.3AI score0.00189EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/02 8:39 p.m.72 views

Security Bulletin: There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-40705)

Summary There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-40705 DESCRIPTION: Apache SOAP is vulnerable to an XML external entity injection XXE attack when processing XML data, caused by a...

7.5CVSS7.6AI score0.01414EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/03/02 12:0 a.m.6 views

IBM Maximo Asset Management 跨站脚本漏洞

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control over...

6.4CVSS5.7AI score0.00493EPSS
Exploits0References4
OSV
OSV
added 2023/02/24 3:15 p.m.2 views

CVE-2022-43923

IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. IBM X-Force ID: 241584...

5.5CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/24 2:13 p.m.7 views

CVE-2022-43923

IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. IBM X-Force ID: 241584...

6.2CVSS5.8AI score0.00189EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.5 views

PT-2023-14402 · Ibm · Ibm Maximo Application Suite

Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.8.0 through 8.9.0 Description: The issue concerns the storage of potentially sensitive information by the IBM Maximo Application Suite, which could be accessed by a local user. Recommendations: For IBM...

6.2CVSS5.2AI score0.00189EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.7 views

IBM Maximo Application Suite 日志信息泄露漏洞

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A log information disclosure vulnerability exists in IBM Maximo Application Suite versions 8.8.0 and...

6.2CVSS5.7AI score0.00189EPSS
Exploits0References3
Rows per page
Query Builder