Lucene search
K

33 matches found

NVD
NVD
added 2026/03/11 5:18 a.m.5 views

CVE-2026-2413

The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via the URL path in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user-supplied URL parameter in the getglobalremediations method, where it is directly concatenated...

7.5CVSS0.02289EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/03 5:14 a.m.1 views

Malicious Package

Overview fhir.base.template is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/30 9:12 p.m.4 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to privilege escalation (CVE-2025-33003)

Summary A privilege escalation vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-33003 DESCRIPTION: IBM InfoSphere Information Server could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to executio...

7.8CVSS7.2AI score0.00125EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/10/29 10:47 p.m.2 views

Malicious Package

Overview durablefunctionsmonitor.react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18856

Malware in sbrugna...

8.8CVSS8.1AI score0.018EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0036

Malware in sbrugna...

6.1CVSS7.6AI score0.00483EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-18674

Malicious code in bioql PyPI...

6.7CVSS6.6AI score0.00623EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/15 7:27 p.m.5 views

CVE-2025-50106

...

8.1CVSS7.6AI score0.00611EPSS
Exploits0References1
IBM AIX
IBM AIX
added 2025/06/10 8:28 a.m.13 views

AIX is vulnerable to arbitrary command execution due to Perl (CVE-2025-33112)

IBM SECURITY ADVISORY First Issued: Tue Jun 10 08:28:43 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory9.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to Perl CVE-2025-33112...

8.4CVSS7.6AI score0.00191EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/07 1:5 a.m.16 views

Security Bulletin: A vulnerability in Go affects IBM Robotic Process Automation for Cloud Pak which could lead to a denial of service (CVE-2024-45338).

Summary A vulnerability in Go affects IBM Robotic Process Automation for Cloud Pak which could lead to a denial of service CVE-2024-45338. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fix required to resolve the vulnerability...

5.3CVSS8.8AI score0.00856EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/28 6:39 a.m.10 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to CVE-2024-38341.

Summary IBM Sterling Secure Proxy is vulnerable due to the use of a weak crypographic algorithm during hashing. Vulnerability Details CVEID:CVE-2024-38341 DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

7.5CVSS6.5AI score0.00192EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 2:42 p.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.9.1 Vulnerability Details undefined Affected Products and Versions Affected Products| Versions ---|--- IBM Cloud Pak for AIOps| 4.1.0 - 4.9.0 Remediation/Fixes IBM strongly suggests that you address the...

7.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/01 9:38 p.m.25 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below...

9.8CVSS8.8AI score0.35963EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/25 8:26 p.m.23 views

Security Bulletin: IBM Maximo Asset Management is vulnerable to Server-Side Request Forgery (SSRF) + Information Disclosure (CVE-2025-2987)

Summary IBM Maximo Asset Management is vulnerable to Server-Side Request Forgery SSRF + Information Disclosure. Vulnerability Details CVEID:CVE-2025-2987 DESCRIPTION: IBM Maximo Asset Management is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send...

5.4CVSS6.2AI score0.00178EPSS
Exploits0Affected Software11
Snyk
Snyk
added 2025/04/24 6:14 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the validateUpdateTaskActions function used by the UpdateRunTaskActions GraphQL operation. Due to the lack of limitation on task action uniqueness and quantity, a user can cause an...

7.5CVSS6.9AI score0.00316EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:58 a.m.14 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to cross-site scripting (CVE-2025-0719)

Summary IBM Cloud Pak for Data is vulnerable to cross-site scripting. A reflected cross-site scripting XSS vulnerability has been identified on the /error endpoint, specifically with the 'error' parameter. This vulnerability allows an attacker to inject JavaScript code, which will be executed whe...

6.1CVSS6AI score0.00302EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:19 a.m.20 views

Security Bulletin: Improper access restrictions in IBM Jazz for Service Management exposes sensitive information (CVE-2024-47106)

Summary IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information due to improper access restrictions in an unprotected directory CVE-2024-47106. Vulnerability Details CVEID:CVE-2024-47106 DESCRIPTION: IBM Jazz for Service Management could allow a remote attack...

7.5CVSS5.1AI score0.00389EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 7:9 p.m.14 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in golang.org/x/net

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of golang.org/x/net Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in...

5.3CVSS6.8AI score0.00856EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.7 views

GHSA-GRVC-29P3-99FV vulnerabilities

Vulnerabilities for packages: mysql...

7.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/07 10:34 a.m.24 views

Security Bulletin: Vulnerabilities in Apache Solr affect watsonx.data

Summary Apache Solr is vulnerable to upload of arbritrary files attacks and to exposure of sensitive information attacks. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2023-50386 DESCRIPTION: Apache Solr could allow a remote attacker to upload arbitrary files, caused by the...

8.8CVSS7.4AI score0.8384EPSS
Exploits4Affected Software1
Rows per page
Query Builder