CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2897 matches found

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•17 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses idna-3.6-py3-none-any.whl which is vulnerable to this CVE-2024-3651

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses idna-3.6-py3-none-any.whl which is vulnerable to this CVE-2024-3651 Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna could allow a local user to cause a denial of service using a specially crafte...

7.5CVSS6.6AI score0.0107EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•18 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to axios-1.7.2.tgz CVE-2024-39338

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to axios-1.7.2.tgz CVE-2024-39338. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-39338 DESCRIPTION: Axios is vulnerable to server-side request forgery, caused b...

7.5CVSS7.5AI score0.01414EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to ws-7.5.9.tgz CVE-2024-37890

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to ws-7.5.9.tgz CVE-2024-37890. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-37890 DESCRIPTION: Node.js ws module is vulnerable to a denial of service, caused ...

7.5CVSS6.7AI score0.01357EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•20 views

Security Bulletin: IBM Maximo Application Suite uses grpc-js-1.8.21.tgz which is vulnerable to CVE-2024-37168

Summary IBM Maximo Application Suite uses grpc-js-1.8.21.tgz which is vulnerable to CVE-2024-37168. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-37168 DESCRIPTION: gRPC on Node.js is vulnerable to a denial of service, caused ...

5.3CVSS6.7AI score0.00671EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to serve-static-1.15.0.tgz CVE-2024-43800

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to serve-static-1.15.0.tgz CVE-2024-43800. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-43800 DESCRIPTION: expressjs serve-static is vulnerable to cross-site...

5CVSS6.6AI score0.00595EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•23 views

Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses spring-webmvc-6.1.12.jar which is vulnerable to this CVE-2024-38816

Summary Security Bulletin:IBM Maximo Application Suite - AI Broker Component component uses spring-webmvc-6.1.12.jar which is vulnerable to this CVE-2024-38816. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION:...

7.5CVSS6.1AI score0.14718EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•13 views

Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-22354)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...

7.5CVSS7.2AI score0.00649EPSS

Exploits0Affected Software11

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to joblib-1.1.1-py2.py3-none-any.whl CVE-2024-34997

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to joblib-1.1.1-py2.py3-none-any.whl CVE-2024-34997. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-34997 DESCRIPTION: joblib could allow a local authenticated...

7.5CVSS7.2AI score0.00664EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•21 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.12.jar CVE-2024-38816

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.12.jar CVE-2024-38816. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION: VMware Tanzu Spring Security could allow a remote...

7.5CVSS6.3AI score0.14718EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•23 views

Security Bulletin: IBM Maximo Application Suite: certifi-2023.7.22-py3-none-any.whl is vulnerable to CVE-2024-39689 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector is vulnerable to certifi-2023.7.22-py3-none-any.whl CVE-2024-39689. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide...

7.5CVSS6.2AI score0.01049EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•19 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.4-cp37-abi3-manylinux_2_28_x86_64.whl CVE-2024-6119

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.4-cp37-abi3-manylinux228x8664.whl CVE-2024-6119. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a...

7.5CVSS6.7AI score0.66594EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•22 views

Security Bulletin: IBM Maximo Application Suite uses axios-1.7.2.tgz and fast-xml-parser-4.2.5.tgz which is vulnerable to CVE-2024-39338 and CVE-2024-41818.

Summary IBM Maximo Application Suite uses axios-1.7.2.tgz and fast-xml-parser-4.2.5.tgz which is vulnerable to CVE-2024-39338 and CVE-2024-41818. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39338 DESCRIPTION: Axios is...

7.5CVSS7.4AI score0.01414EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•42 views

Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, Flask_Cors-3.0.10-py2.py3-none-any.whl, bcprov-jdk18on-1.72.jar which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171

Summary Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, FlaskCors-3.0.10-py2.py3-none-any.whl, bcprov-jdk18on-1.72.jar which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171 Vulnerability Details CVEID:CVE-2024-28863 DESCRIPTION: isaacs node-t...

6.5CVSS7.4AI score0.00929EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•28 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to urllib3-2.0.7-py3-none-any.whl CVE-2024-37891

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to urllib3-2.0.7-py3-none-any.whl CVE-2024-37891. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated...

6.5CVSS6.3AI score0.00965EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•11 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Jinja2-3.1.3-py3-none-any.whl CVE-2024-34064

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Jinja2-3.1.3-py3-none-any.whl CVE-2024-34064. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-34064 DESCRIPTION: Jinja is vulnerable to cross-site scripting,...

5.4CVSS6.5AI score0.00979EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•13 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.11.jar CVE-2024-38819

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.11.jar CVE-2024-38819. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION: Applications serving static resources through the...

7.5CVSS6.5AI score0.54862EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•20 views

Security Bulletin: Maximo Application Suite - spring-security-config-6.3.1.jar package is vulnerable to CVE-2024-38810 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses spring-security-config-6.3.1.jar package which is vulnerable to CVE-2024-38810. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38810 DESCRIPTION: VMware Tanzu Spring...

7.5CVSS6.5AI score0.00432EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•19 views

Security Bulletin: IBM Maximo Application Suite - Ai-Broker Component component uses nltk-3.8.1-py3-none-any.whl which is vulnerable to this CVE-2024-39705

Summary Security Bulletin: IBM Maximo Application Suite - Ai-Broker Component component uses nltk-3.8.1-py3-none-any.whl which is vulnerable to this CVE-2024-39705 Vulnerability Details CVEID:CVE-2024-39705 DESCRIPTION: Natural Language Toolkit NLTK could allow a remote attacker to execute...

9.8CVSS7.5AI score0.01346EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•17 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874 Vulnerability Details CVEID:CVE-2024-47874 DESCRIPTION: Starlette is an Asynchronous Server Gateway Interface ASGI...

8.7CVSS6.1AI score0.00652EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•21 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to send-0.18.0.tgz CVE-2024-43799

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to send-0.18.0.tgz CVE-2024-43799. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-43799 DESCRIPTION: pillarjs send is vulnerable to cross-site scripting, caused ...

5CVSS6.6AI score0.00511EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by