Lucene search
+L

394 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 3:46 p.m.6 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26996)

Summary IBM Security SOAR uses an older version of the minimatch component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.1 Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION:...

8.7CVSS5.6AI score0.00519EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/10 2:43 p.m.8 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-13465)

Summary IBM Security SOAR uses an older version of the Lodash component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash...

8.2CVSS5.7AI score0.01535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 5:14 p.m.6 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-24001)

Summary IBM Security SOAR uses an older version of the jsdiff component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-24001 DESCRIPTION: jsdiff ...

7.5CVSS5.7AI score0.00562EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 3:12 p.m.6 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-1188)

Summary IBM Security SOAR uses an older version of the OMR component in OpenJ9 JVM that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTIO...

9.8CVSS6AI score0.00491EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.7 views

CVE-2018-1000203

Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f latest release as of Sept 2017 contains an intentional backdoor vulnerability in the function zerofeetransaction that can result in theft of Soar Coins by the "onlycentralAccount" Soar Labs after...

7.5CVSS6.9AI score0.00988EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/05 2:41 p.m.7 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-57352)

Summary IBM Security SOAR uses an older version of min-document that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to version 51.0.8.1 or later. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION...

5.3CVSS7.7AI score0.00329EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201881

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

8.6CVSS6.9AI score0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/09 6:28 a.m.38 views

CVE-2025-13428 RCE in SecOps SOAR server via user-provided Python packages

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

8.6CVSS0.00298EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/20 10:10 a.m.12 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-9670)

Summary IBM Security SOAR uses an older version of the turndown javascript module that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.8.0 Vulnerability Details CVEID:CVE-2025-9670 DESCRIPTION...

6.9CVSS5.2AI score0.00461EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/20 9:58 a.m.17 views

Security Bulletin: Due to the use of Swagger UI, IBM Security SOAR is vulnerable to spoofing attacks..

Summary IBM Security SOAR uses Swagger-UI internally. CVE-2025-25031 Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this...

4.3CVSS6.2AI score0.42326EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 2:32 p.m.5 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-7783)

Summary IBM Security SOAR uses an older version of the form-data javascript module that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.7.1 Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTIO...

9.4CVSS6.7AI score0.01735EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 2:27 p.m.5 views

Security Bulletin: Due to use of Java SE, IBM Security SOAR is affected by unspecified vulnerabilities (CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 & CVE-2025-30754)

Summary IBM Security SOAR uses Java SE library internally. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracl...

8.1CVSS6.2AI score0.01058EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 1:46 p.m.8 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-5889)

Summary IBM Security SOAR uses an older version of brace-expansion that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to version 51.0.7.1 or later. Vulnerability Details CVEID:CVE-2025-5889...

3.1CVSS5.6AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 2:59 p.m.7 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-58754)

Summary IBM Security SOAR uses an older version of axios that may be identified and exploited. Updates for supported versions have been released which address this issue. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When...

7.5CVSS6.5AI score0.0106EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-25880

Malware in sbrugna...

9CVSS7AI score0.02747EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-26111

Malware in sbrugna...

4.3CVSS4.8AI score0.00441EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-25882

Malware in sbrugna...

5.3CVSS4.7AI score0.00944EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1876

Malware in sbrugna...

7.5CVSS7.6AI score0.00988EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-16259

Malware in sbrugna...

5.9CVSS5.9AI score0.01299EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-27633

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00575EPSS
Exploits0References3
Rows per page
Query Builder