173 matches found
Security Bulletin: IBM Maximo Application Suite - Predict Component component uses urllib3-1.26.18-py2.py3-none-any.whl which is vulnerable to this CVE-2024-37891
Summary IBM Maximo Application Suite - Predict Component component uses urllib3-1.26.18-py2.py3-none-any.whl which is vulnerable to this CVE-2024-37891 Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, cause...
Security Bulletin: IBM Maximo Application Suite - Predict Component component uses requests-2.31.0-py3-none-any.whl which is vulnerable to this CVE-2024-35195
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component component uses requests-2.31.0-py3-none-any.whl which is vulnerable to this CVE-2024-35195 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security...
Security Bulletin: IBM Maximo Application Suite Predict Component includes joblib-1.4.0-py3-none-any.whl which is vulnerable to this CVE-2024-34997
Summary IBM Maximo Application Suite Predict Component includes joblib-1.4.0-py3-none-any.whl which is vulnerable to this CVE-2024-34997. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-34997 DESCRIPTION: joblib could allow a...
Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171
Summary IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-30171 DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow a...
Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-25026
Summary IBM Maximo Application Suite Predict Component IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-25026. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-25026...
Security Bulletin: IBM Maximo Application Suite Predict Component uses :IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to jose4j which is vulnerable to CVE-2023-51775
Summary IBM Maximo Application Suite Predict Component uses :IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to jose4j which is vulnerable to CVE-2023-51775. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature which is vulnerable to CVE-2024-22353
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature which is vulnerable to CVE-2024-22353. This bulletin contains information regarding the...
Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270).
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting CVE-2024-27270. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-27270 DESCRIPTION: IBM...
Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty could provide weaker than expected security which is vulnerable to CVE-2023-50312
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-50312. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-50312 DESCRIPTION: IBM WebSphere...
Security Bulletin: IBM Maximo Application Suite - Predict Component uses urllib3-1.26.16-py2.py3-none-any.whl which is vulnerable to CVE-2023-45803 This bulletin contains information regarding the vulnerability and its fixture.
Summary IBM Maximo Application Suite - Predict Component :urllib3-1.26.16-py2.py3-none-any.whl is vulnerable to CVE-2023-45803 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote...
Security Bulletin: urllib3-1.26.16-py2.py3-none-any.whl (Publicly disclosed vulnerability found by Mend) was vulnerable to this CVE-2023-43804
Summary Security Bulletin: urllib3-1.26.16-py2.py3-none-any.whl Publicly disclosed vulnerability found by Mend was vulnerable to this CVE-2023-43804: This bulletin identifies the vulnerability and its solution. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remot...
Security Bulletin: requests-2.28.2-py3-none-any.whl (Publicly disclosed vulnerability found by Mend)
Summary Security Bulletin: requests-2.28.2-py3-none-any.whl Publicly disclosed vulnerability found by Mend - This has been fixed in MAS 8.11 in APM-PM-LIB Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused ...
Security Bulletin: IBM Maximo Application Predict Component uses OSS Scan - WebSphere Liberty is vulnerable to weaker than expected security which is vulnerable to CVE-2023-46158.
Summary Security Bulletin: IBM Maximo Application Predict Component uses OSS Scan - WebSphere Liberty is vulnerable to weaker than expected security which is vulnerable to CVE-2023-46158. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Crooks Exploited Satellite Live Feed Delay for Betting Advantage
By Deeba Ahmed. The gang used satellite technology to get sports feed and predict match results before bookmakers. This is a post from HackRead.com. Read the original post: Crooks Exploited Satellite Live Feed Delay for Betting Advantage...
QNAP QTS / QuTS hero Vulnerability in QTS and QuTS hero (QSA-23-59)
The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-23-59 advisory. An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predic...
When deploying a contract in PermissionlessNodeRegistry.deployNodeELRewardVault(), an attacker can find out in advance the address of the future deployed contract and deploy his own at this address
Lines of code Vulnerability details Impact The address of the new contract depends solely on the salt parameter, which is calculated from user-provided data. Once a user's create transaction is broadcast, the parameters for calculating salt can be viewed by anyone viewing the public mempool. This...
Multiple command injections in `mlflow models` CLI action
Description The mlflow cli executable is vulnerable to a command injection attack in mlflow models predict and mlflow models serve actions. The aforementioned actions are defined in file mlflow\models\cli.py, and use vulnerable predict and serve methods of a dynamically resolved instance of...
K27110515: OpenSSL vulnerability CVE-2001-1141
Security Advisory Description The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. CVE-2001-1141...
SUSE CVE-2019-13218
Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...
SUSE CVE-2020-28975
svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. NOT...