
126701 matches found

Vulnrichment
added 2026/03/31 5:52 p.m. | 1 view

CVE-2025-62184 Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component.

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...

CVSS 4.8 | AI score 5.9 | EPSS 0.00258
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/31 5:52 p.m. | 1 view

CVE-2025-62184

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...

CVSS 4.8 | AI score 5.9 | EPSS 0.00258
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2026/03/31 5:52 p.m. | 7 views

CVE-2025-62184

CVE-2025-62184 affects Pega Platform versions 8.1.0 through 25.1.0 with a Stored Cross-site Scripting vulnerability in a UI component. Exploitation requires an administrative user with extensive rights; impact is limited to Confidentiality (LOW) and does not impact Integrity or Availability. The ...

CVSS 4.8 | AI score 5.9 | EPSS 0.00258
Exploits: 0 | References: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 4:56 p.m. | 11 views

Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring

Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...

CVSS 9.1 | AI score 5.8 | EPSS 0.0122
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 4:55 p.m. | 9 views

Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring

Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22733 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...

CVSS 9.1 | AI score 5.8 | EPSS 0.0122
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 4:54 p.m. | 6 views

Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring

Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22733 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...

CVSS 9.1 | AI score 5.8 | EPSS 0.0122
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 4:18 p.m. | 7 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM in UP15 IF01 Vulnerability Details CVEID:CVE-2025-38129 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a...

CVSS 7.8 | AI score 5.9 | EPSS 0.00248
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 4:18 p.m. | 11 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.1.1

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.1 Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring...

CVSS 9.8 | AI score 6.8 | EPSS 0.16903
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:54 p.m. | 11 views

Security Bulletin: Security Vulnerabilities affect IBM Voice Gateway

Summary Security Vulnerabilities affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and...

CVSS 8.7 | AI score 6 | EPSS 0.00612
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:34 p.m. | 6 views

Security Bulletin: Vulnerabilities in IBM Semeru SDK (CVE-2026-21945, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188) affect Power HMC.

Summary The IBM Semeru SDK is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote...

CVSS 9.8 | AI score 6.3 | EPSS 0.00864
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:34 p.m. | 11 views

Security Bulletin: Vulnerabilities in httpd library (CVE-2025-58098, CVE-2025-65082, CVE-2025-66200) affect Power HMC.

Summary The httpd library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-58098 DESCRIPTION: Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escape...

CVSS 8.3 | AI score 5.9 | EPSS 0.015
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:33 p.m. | 12 views

Security Bulletin: Vulnerability in openssl library (CVE-2025-9230) affects Power HMC.

Summary The openssl library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

CVSS 7.5 | AI score 5.9 | EPSS 0.01744
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:32 p.m. | 4 views

Security Bulletin: Vulnerability in net-snmp library (CVE-2025-68615) affects Power HMC.

Summary The net-snmp library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-68615 DESCRIPTION: net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet ...

CVSS 9.8 | AI score 6 | EPSS 0.4269
Exploits: 2 | Affected Software: 1

EUVD
added 2026/03/31 3:31 p.m. | 2 views

EUVD-2026-17421

InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely ineffective. The predefined blocklist fails to cover native high-risk commands in Windows PowerShell such as powershell, and the matching algorithm...

CVSS 7.8 | AI score 6.5 | EPSS 0.00297
Exploits: 0 | References: 3

Snyk
added 2026/03/31 3:31 p.m. | 4 views

Command Injection

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Command Injection when serving models with enable_mlserver=True due...

CVSS 9.6 | AI score 6.2 | EPSS 0.01328
Exploits: 2 | References: 2

Snyk
added 2026/03/31 3:31 p.m. | 2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection when serving models with enable_mlserver=True due to unsanitized input being embedded into a shell command. An attacker can execute arbitrary commands by supplying specially crafted model URIs containing shell...

CVSS 9.6 | AI score 6.2 | EPSS 0.01328
Exploits: 2 | References: 2

IBM Security Bulletins
added 2026/03/31 3:31 p.m. | 4 views

Security Bulletin: Vulnerability in kernel library (CVE-2022-50865) affects Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-50865 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog Th...

AI score 5.8 | EPSS 0.00168
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:30 p.m. | 12 views

Security Bulletin: Vulnerabilities in openssh library (CVE-2025-61984, CVE-2025-61985) affect Power HMC.

Summary The openssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-61984 DESCRIPTION: ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources,...

CVSS 3.6 | AI score 6.3 | EPSS 0.00221
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:28 p.m. | 7 views

Security Bulletin: Vulnerabilities in Apache Tomcat Server (CVE-2025-61795, CVE-2025-66614, CVE-2026-24733, CVE-2026-24734) affect Power HMC.

Summary The Apache Tomcat Server is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-61795 DESCRIPTION: Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits...

CVSS 9.1 | AI score 5.8 | EPSS 0.01139
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/31 3:27 p.m. | 6 views

Security Bulletin: Vulnerability in expat library (CVE-2025-59375) affects Power HMC.

Summary The expat library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-59375 DESCRIPTION: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is...

CVSS 7.5 | AI score 5.9 | EPSS 0.01279
Exploits: 1 | Affected Software: 1