Lucene search
K

58 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/04/04 1:25 p.m.30 views

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...

5.3CVSS5.6AI score0.01454EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2024/03/21 12:20 a.m.40 views

K000138966: Intel Xeon CPU vulnerability CVE-2023-23908

Security Advisory Description Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2023-23908 Impact This vulnerability may allow a privileged user to enable information...

6CVSS5.8AI score0.00308EPSS
Exploits0Affected Software1
GoogleProjectZero
GoogleProjectZero
added 2023/08/02 12:0 a.m.21 views

MTE As Implemented, Part 1: Implementation Testing

By Mark Brand, Project Zero Background In 2018, in the v8.5a version of the ARM architecture, ARM proposed a hardware implementation of tagged memory, referred to as MTE Memory Tagging Extensions. Through mid-2022 and early 2023, Project Zero had access to pre-production hardware implementing thi...

7.1AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.65 views

K95204515: Intel CPU vulnerability CVE-2022-21151

Security Advisory Description Processor optimization removal or modification of security-critical code for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21151 Impact This vulnerability may allow an authenticated user...

5.5CVSS5.6AI score0.00347EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:45 p.m.57 views

K43541501: Intel CPU vulnerabilities CVE-2022-21131 and CVE-2022-21136

Security Advisory Description CVE-2022-21131 Improper access control for some IntelR XeonR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21136 Improper input validation for some IntelR XeonR Processors may allow a privileged use...

5.5CVSS4.9AI score0.00288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/15 1:32 p.m.70 views

Security Bulletin: IBM Application Navigator is vulnerable to an remote attacker exploitation of Apache Log4j (CVE-2021-44228)

Summary The IBM Application Navigator contains a copy of Apache Log4j which is not used by the IBM Application Navigator function. Out of an abundance of caution this update removes the unused copy of Apache Log4j. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow ...

10CVSS1.7AI score0.99999EPSS
Exploits351Affected Software1
Citrix
Citrix
added 2021/07/19 12:0 a.m.14 views

Outlook is unable to launch after Citrix UPM Hotfix ProfilemgtWX64_1912_3001 installation Error status 0xc0000428

After installing theCitrixHotfixProfilemgtWX6419123001, anerror is generated when opening Outlook: OUTLOOK.EXE : Bad Image C:\Program Files\Citrix\User Profile Manager\upmoutlookhook64.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the...

7.1AI score
Exploits0
OSV
OSV
added 2021/04/21 7:38 p.m.288 views

GHSA-GHHP-997W-QR28 .NET Core Remote Code Execution Vulnerability

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112. Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what...

9.8CVSS8.6AI score0.30315EPSS
Exploits0References15
OSV
OSV
added 2020/05/20 2:15 p.m.5 views

CVE-2020-11716

Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.8CVSS7.3AI score0.01358EPSS
Exploits0References1
NVD
NVD
added 2020/05/20 2:15 p.m.28 views

CVE-2020-11716

Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.8CVSS9.6AI score0.01358EPSS
Exploits0References1
Prion
Prion
added 2020/05/20 2:15 p.m.16 views

Design/Logic Flaw

Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support."...

7.5CVSS9.5AI score0.01358EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2020/05/20 1:9 p.m.24 views

CVE-2020-11716

Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.6AI score0.01358EPSS
Exploits0References1
CVE
CVE
added 2020/05/20 1:9 p.m.48 views

CVE-2020-11716

The CVE-2020-11716 entry concerns Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices—vulnerability described as Insecure Permissions, with affected products listed as End-of-software-support. Connected sources (Red Hat, NVD, CVE List, PT Security) specify the affected models and ver...

9.8CVSS9.4AI score0.01358EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/05/20 12:0 a.m.5 views

PT-2020-12802 · Panasonic · Eluga X1 Pro +2

Name of the Vulnerable Software and Affected Versions: Panasonic P110 versions through 2020-04-10 Eluga Z1 Pro versions through 2020-04-10 Eluga X1 versions through 2020-04-10 Eluga X1 Pro versions through 2020-04-10 Description: The issue is related to Insecure Permissions. The vendor has stated...

9.8CVSS9.2AI score0.01358EPSS
Exploits0References3
OSV
OSV
added 2020/05/19 5:15 p.m.2 views

CVE-2020-11715

Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.8CVSS7.3AI score0.01433EPSS
Exploits0References1
NVD
NVD
added 2020/05/19 5:15 p.m.12 views

CVE-2020-11715

Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.8CVSS9.6AI score0.01433EPSS
Exploits0References1
Prion
Prion
added 2020/05/19 5:15 p.m.16 views

Improper access control

Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support."...

7.5CVSS9.5AI score0.01433EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/19 4:7 p.m.17 views

CVE-2020-11715

Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support."...

9.6AI score0.01433EPSS
Exploits0References1
CVE
CVE
added 2020/05/19 4:7 p.m.43 views

CVE-2020-11715

CVE-2020-11715 affects Panasonic P99 devices up to 2020-04-10 due to an Incorrect Access Control vulnerability. Root cause: improper access control in the affected component. Impact is significant: CVSS v3.1 shows a base score of 9.8 (CRITICAL) with NETWORK attack vector, no privileges required, ...

9.8CVSS9.4AI score0.01433EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/01/30 10:2 a.m.5 views

SUSE-SU-2020:0262-1 Security update for glibc

This update for glibc fixes the following issues: Security issue fixed: - CVE-2019-19126: Fixed to ignore the LDPREFERMAP32BITEXEC environment variable during program execution after a security transition bsc1157292. Bug fixes: - Fixed z15 s390x strstr implementation that can return incorrect...

3.3CVSS5AI score0.00409EPSS
Exploits0References7
Rows per page
Query Builder