Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses cross-spawn-6.0.5.tgz which is vulnerable to CVE-2024-21538

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses cross-spawn-6.0.5.tgz which is vulnerable to CVE-2024-21538. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21538 DESCRIPTION: Versions of the...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Spring Framework MVC applications can be vulnerable to Traversal Vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Spring Framework MVC applications can be vulnerable to Traversal Vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-41242 DESCRIPTION:...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-48989...

IBM Maximo Application Suite 安全漏洞

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite versions 9.0.15 and earlier and 9.1.4 an...

PT-2025-44191

Name of the Vulnerable Software and Affected Versions IBM Maximo Application Suite versions 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 Description The software contains a flaw that allows a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses multer-1.4.5-lts.2.tgz which is vulnerable to CVE-2025-47935.

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses multer-1.4.5-lts.2.tgz which is vulnerable to CVE-2025-47935. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-47935 DESCRIPTION: Multer is a node.js...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios which is vulnerable to this CVE-2025-58754

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios which is vulnerable to this CVE-2025-58754 Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796 Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParse...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0, golang.org/x/net-v0.33.0, golang.org/x/net-v0.34.0 which is vulnerable to this CVE-2025-22870

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0, golang.org/x/net-v0.33.0, golang.org/x/net-v0.34.0 which is vulnerable to this CVE-2025-22870 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against prox...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.0-py3-none-any.whl which is vulnerable to this CVE-2025-47278

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.0-py3-none-any.whl which is vulnerable to this CVE-2025-47278 Vulnerability Details CVEID:CVE-2025-47278 DESCRIPTION: Flask is a web server gateway interface WSGI web application framework. In Fla...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0 which is vulnerable to CVE-2024-45338, CVE-2023-45288, CVE-2025-22870

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0 which is vulnerable to CVE-2024-45338, CVE-2023-45288, CVE-2025-22870 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-2.0.1.tgz which is vulnerable to this CVE-2025-5889

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-2.0.1.tgz which is vulnerable to this CVE-2025-5889 Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found in juliangruber brace-expansion up to...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.20-py3-none-any.whl CVE-2025-32873

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.20-py3-none-any.whl CVE-2025-32873. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-32873 DESCRIPTION: An issue was discovered in Django 4.2 before...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.20-py3-none-any.whl CVE-2025-48432

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.20-py3-none-any.whl CVE-2025-48432. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48432 DESCRIPTION: An issue was discovered in Django 5.2 before...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses commons-lang3-3.17.0.jar which is vulnerable to this CVE-2025-48924

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses commons-lang3-3.17.0.jar which is vulnerable to this CVE-2025-48924 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects...

Security Bulletin: WebSphere Application Server Liberty could allow a remote attacker to bypass security restrictions (CVE-2024-56339)

Summary WebSphere Application Server Liberty could allow a remote attacker to bypass security restrictions Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker ...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2024-45337 and CVE-2025-22869

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2024-45337 and CVE-2025-22869 Vulnerability Details CVEID:CVE-2024-45337 DESCRIPTION: Applications and libraries which misuse connection.serverAuthenticate via...

Security Bulletin: IBM Maximo Application Suite - Predict Component uses Requests is a HTTP library. Due to a URL parsing issue to third parties for specific urls.

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses Requests is a HTTP library. Due to a URL parsing issue to third parties for specific urls. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-47081...