CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

604 matches found

IBM Security Bulletins•added 2026/01/30 6:4 a.m.•10 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses urllib3-2.5.0-py3-none-any.whl which is vulnerable to CVE-2025-66418, CVE-2025-66471.

Summary IBM Maximo Application Suite - Monitor Component uses urllib3-2.5.0-py3-none-any.whl which is vulnerable to CVE-2025-66418, CVE-2025-66471. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a...

8.9CVSS6.1AI score0.00533EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/01/30 5:39 a.m.•9 views

Security Bulletin: IBM Maximo Application Suite uses node-forge-1.3.1.tgz,aiohttp-3.13.2-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl and WebSphere Application Server v.25.0.0.10 which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses node-forge-1.3.1.tgz,aiohttp-3.13.2-cp311-cp311-manylinux2014x8664.manylinux217x8664.manylinux228x8664.whl and WebSphere Application Server v.25.0.0.10 which is vulnerable to CVE-2025-12816, CVE-2025-69223, CVE-2025-69224, CVE-2025, CVE-2025-66030,...

8.7CVSS5.9AI score0.00677EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/01/30 5:39 a.m.•13 views

Security Bulletin: IBM Maximo Application Suite uses werkzeug-3.1.3,fonttools-4.60.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.whl,lodash.clonedeep-4.5.0.tgz,js-yaml-4.1.0.tgz,mdast-util-towhich is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses werkzeug-3.1.3-py3-none-any.whl, fonttools-4.60.0-cp311-cp311-manylinux2014x8664.manylinux217x8664.whl, lodash.clonedeep-4.5.0.tgz, js-yaml-4.1.0.tgz, mdast-util-towhich is vulnerable to CVE-2025-66221, CVE-2025-66034, CVE-2018-16487, CVE-2025-64718,...

9.8CVSS6.2AI score0.01899EPSS

Exploits11Affected Software1

RedhatCVE•added 2026/01/09 9:30 a.m.•6 views

CVE-2023-43043

IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. IBM X-Force ID: 266875...

5.5CVSS5.8AI score0.00152EPSS

Exploits0References1

IBM Security Bulletins•added 2026/01/05 6:15 a.m.•6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses keras-2.14.0-py3-none-any.whl which is vulnerable to CVE-2025-1550.

Summary IBM Maximo Application Suite - Monitor Component uses keras-2.14.0-py3-none-any.whl which is vulnerable to CVE-2025-1550. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-1550 DESCRIPTION: The Keras Model.loadmodel function permits...

9.8CVSS7.4AI score0.02803EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2025/12/29 5:43 a.m.•12 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "torch-2.8.0-cp310-none-macosx110arm64.whl, starlette-0.48.0-py3-none-any.whl, keras-2.14.0-py3-none-any.whl, urllib3-1.26.19-py2.py3-none-any.whl, urllib3-1.26.20-py2.py3-none-any.whl, urllib3-2.5.0-py3-none-any.whl", which are vulnerable to...

8.9CVSS7.4AI score0.00597EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/11/28 6:13 a.m.•6 views

Security Bulletin: IBM Maximo Application Suite uses IBM WebSphere Application Server Liberty 25.0.0.8 which is vulnerable to CVE-2025-36000, CVE-2020-36732 and CVE-2025-36124

Summary IBM Maximo Application Suite uses IBM WebSphere Application Server Liberty 25.0.0.8 which is vulnerable to CVE-2025-36000, CVE-2020-36732 and CVE-2025-36124. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-36000...

7.5CVSS6.1AI score0.01075EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/11/10 7:11 a.m.•4 views

Security Bulletin: There is a vulnerability in netty-codec-http-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-58056)

Summary There is a vulnerability in netty-codec-http-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable...

7.5CVSS6.4AI score0.00631EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/11/10 7:10 a.m.•6 views

Security Bulletin: There is a vulnerability in reactor-netty-http-1.2.1.jar (used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-22227)

Summary There is a vulnerability inreactor-netty-http-1.2.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order f...

6.1CVSS6.6AI score0.0034EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/11/03 9:6 a.m.•34 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "form-data 4.0.0, org.apache.cxfcxf-core 3.6.7 , net/http/internal v1.24.1, braces 3.0.2 , cross-spawn 7.0.3 , crypto/x509 1.24.1 1.24.3 , github.com/golang-jwt/jwt/v4 github.com/golang-jwt/jwt/v5 v4.5.0 v5.2.1 , httpd 2.4.37 , setuptools 78.0.2 75.8.0 ,...

9.8CVSS8.2AI score0.91327EPSS

Exploits10Affected Software1

RedhatCVE•added 2025/10/29 4:4 p.m.•4 views

CVE-2025-36386