378 matches found

OSV
added 2023/05/09 2:15 p.m. · 0 views

DEBIAN-CVE-2023-31137

MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...

7.5 CVSS · 7.2 AI score · 0.01218 EPSS
Exploits: 0 · References: 1
CVE
added 2023/05/08 6:4 p.m. · 54 views

CVE-2023-30860

CVE-2023-30860 affects WWBN AVideo prior to version 12.4. A normal user can create a Meeting Schedule and invite others, but input is not properly sanitized when creating a Meeting Room, allowing insertion of malicious scripts. Any user, including admins, can view the meeting room, enabling cooki...

8 CVSS · 6 AI score · 0.04161 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
IBM Security Bulletins
added 2023/05/02 9:10 p.m. · 54 views

Security Bulletin: There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42003, CVE-2022-42004)

Summary: There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-42003. DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitiv...

7.5 CVSS · 7.6 AI score · 0.00317 EPSS
Exploits: 3 · Affected Software: 1
IBM Security Bulletins
added 2023/04/17 1:11 p.m. · 60 views

Security Bulletin: There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25881)

Summary: There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-25881. DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a...

7.5 CVSS · 6.9 AI score · 0.00175 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/04/04 9:55 p.m. · 38 views

Security Bulletin: There are several vulnerabilities in Apache Batik used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-40146, CVE-2022-38648, CVE-2022-38398)

Summary: There are several vulnerabilities in Apache Batik used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-40146. DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by a flaw in the DefaultScriptSecurity function...

7.5 CVSS · 6.4 AI score · 0.47784 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/04/04 9:7 p.m. · 53 views

Security Bulletin: There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-37734)

Summary: There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-37734. DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By sending a...

7.5 CVSS · 7.3 AI score · 0.01191 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/04/04 8:41 p.m. · 95 views

Security Bulletin: There is a vulnerability in jsoup used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-36033)

Summary: There is a vulnerability in jsoup used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-36033. DESCRIPTION: jsoup is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could explo...

6.1 CVSS · 6.3 AI score · 0.01777 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/03/29 9:35 a.m. · 27 views

Security Bulletin: There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25927)

Summary: There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-25927. DESCRIPTION: Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression...

7.5 CVSS · 6.2 AI score · 0.01453 EPSS
Exploits: 2 · Affected Software: 1
IBM Security Bulletins
added 2023/03/29 9:33 a.m. · 23 views

Security Bulletin: There is a security vulnerability in Node.js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-33987)

Summary: There is a security vulnerability in Node.js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-33987. DESCRIPTION: Node.js got module could allow a remote attacker to bypass security restrictions, caused by an unspecified. B...

5.3 CVSS · 6.2 AI score · 0.0078 EPSS
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2023/03/28 1:29 p.m. · 50 views

Security Bulletin: There is a security vulnerability in snakeYAML used by IBM Maximo Data Loader (CVE-2022-41854)

Summary: There is a security vulnerability in snakeYAML used by IBM Maximo Data Loader. Vulnerability Details: CVEID: CVE-2022-41854. DESCRIPTION: snakeYAML is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted YAML content, a...

6.5 CVSS · 6.4 AI score · 0.00123 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/03/27 8:34 p.m. · 33 views

Security Bulletin: There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-31160)

Summary: There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-31160. DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio...

6.1 CVSS · 6.4 AI score · 0.07763 EPSS
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2023/03/10 8:35 p.m. · 81 views

Security Bulletin: There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42920)

Summary: There is a vulnerability in Apache Commons BCEL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-42920. DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds writ...

9.8 CVSS · 9.7 AI score · 0.03797 EPSS
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2023/03/02 8:43 p.m. · 32 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to information disclosure (CVE-2022-43923)

Summary: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to information disclosure. Vulnerability Details: CVEID: CVE-2022-43923. DESCRIPTION: IBM Maximo Application Suite stores potentially sensitive information that could be read by a local user. CVSS Base score: 6.2 CVS...

6.2 CVSS · 5.3 AI score · 0.00049 EPSS
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2023/03/02 8:39 p.m. · 69 views

Security Bulletin: There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-40705)

Summary: There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-40705. DESCRIPTION: Apache SOAP is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a...

7.5 CVSS · 7.6 AI score · 0.00399 EPSS
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2023/03/02 8:33 p.m. · 46 views

Security Bulletin: There is a vulnerability in Eclipse Jetty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-2047)

Summary: There is a vulnerability in Eclipse Jetty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2022-2047. DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpUR...

4 CVSS · 5.3 AI score · 0.00401 EPSS
Exploits: 0 · Affected Software: 1
SUSE CVE
added 2023/02/15 4:27 a.m. · 2 views

SUSE CVE-2018-11356

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record...

5.3 CVSS · 7.5 AI score · 0.01183 EPSS
Exploits: 0 · References: 10
SUSE CVE
added 2023/02/15 3:24 a.m. · 0 views

SUSE CVE-2022-35979

TensorFlow is an open source platform for machine learning. If QuantizedRelu or QuantizedRelu6 are given nonscalar inputs for min_features or max_features, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5 CVSS · 8.1 AI score · 0.00064 EPSS
Exploits: 0 · References: 3
Ivanti
added 2023/02/14 7:22 a.m. · 8 views

SA44712 - 2021-02: Out-of-Cycle Advisory: Pulse Secure response to BIOS Trickboot Vulnerability

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A vulnerability in the BIOS of Pulse Secure PSA-Series Hardware could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain...

2.3 CVSS · 6.8 AI score · 0.00136 EPSS
Exploits: 0
Positive Technologies
added 2023/01/03 12:0 a.m. · 1 views

PT-2023-9448 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified. Description: The vulnerability is related to a panic condition in the Linux kernel when the extent tree is not created. This issue can lead to a denial of service. The vulnerability is associated...

7.8 CVSS · 6.6 AI score · 0.00022 EPSS
Exploits: 0 · References: 55
OSV
added 2022/12/05 8:48 p.m. · 22 views

CVE-2022-46169 Unauthenticated Command Injection

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

9.8 CVSS · 10 AI score · 0.94469 EPSS
Exploits: 48 · References: 7