Lucene search
K

1072 matches found

Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.9 views

PT-2026-25345

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

6.1CVSS5.5AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.12 views

IBM Sterling Partner Engagement Manager 安全漏洞

IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the risk that attackers may use expired access...

7.5CVSS7.1AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.7 views

IBM Sterling Partner Engagement Manager 安全漏洞

IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the possibility of sensitive information being...

7.5CVSS5.8AI score0.00183EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.8 views

PT-2026-25340

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

3.1CVSS5.8AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.10 views

IBM Sterling Partner Engagement Manager 安全漏洞

IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from the possibility that attackers could extract...

5.9CVSS7.1AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.13 views

IBM Sterling Partner Engagement Manager 安全漏洞

IBM Sterling Partner Engagement Manager is an automated management tool provided by IBM Corporation. Versions of IBM Sterling Partner Engagement Manager prior to 6.2.3.5 and 6.2.4.2 contain security vulnerabilities. These vulnerabilities stem from cross-site scripting attacks, which may allow...

6.1CVSS5.8AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.5 views

PT-2026-25346

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

3.7CVSS5.8AI score0.00183EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.4 views

PT-2026-25347

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...

5.3CVSS5.8AI score0.00166EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.8 views

PT-2026-25348

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...

5.3CVSS5.8AI score0.00327EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/12 2:42 p.m.9 views

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Partner Engagement Manager

Summary Multiple vulnerabilities were addressed in IBM Sterling Partner Engagement Manager versions 6.2.3.6 and 6.2.4.3. Vulnerability Details CVEID:CVE-2016-1000338 DESCRIPTION: In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on...

9.8CVSS7.2AI score0.19442EPSS
Exploits4Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/02 12:0 a.m.16 views

Exploiting PendingIntent Provenance Confusion to Spoof Android SDK Authentication

A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain Security as the second most critical mobile risk, explicitly...

6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.10 views

PT-2026-22008

Name of the Vulnerable Software and Affected Versions ServiceNow affected versions not specified Description A remote code execution issue exists within the ServiceNow AI platform. An unauthenticated user, under specific conditions, could potentially execute code within the ServiceNow Sandbox...

9.2CVSS6.2AI score0.00619EPSS
Exploits0References8
HackRead
HackRead
added 2026/02/06 2:55 p.m.7 views

Flickr Notifies Users of Data Breach After External Partner Security Flaw

Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,…...

5.4AI score
Exploits0
OSV
OSV
added 2026/02/05 7:15 p.m.3 views

CVE-2025-15338

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2026/02/05 7:15 p.m.8 views

CVE-2025-15338

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/05 6:16 p.m.24 views

CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2026/02/05 6:16 p.m.14 views

CVE-2025-15338

The CVE-2025-15338 entry concerns Tanium Partner Integration with an incorrect default permissions issue. Affected component: Tanium Partner Integration. Root cause/impact per the sources: the vulnerability is described as an incorrect default permission problem, with a CVSSv3.1 base score of 6.5...

6.5CVSS5.3AI score0.00312EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/02/05 6:16 p.m.7 views

EUVD-2025-206847

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS5.3AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/05 6:16 p.m.2 views

CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS5.3AI score0.00312EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/05 6:16 p.m.4 views

CVE-2025-15338

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

6.5CVSS5.3AI score0.00312EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder