CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

391 matches found

Vulnrichment•added 2024/01/19 1:17 a.m.•14 views

CVE-2023-32337 IBM Maximo Spatial Asset Management server-side request forgery

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

5.4CVSS6.2AI score0.00042EPSS

Exploits0References2

CNNVD•added 2024/01/19 12:0 a.m.•1 views

IBM Maximo Spatial Asset Management 安全漏洞

IBM Maximo Spatial Asset Management is an asset management lifecycle and workflow process management system from International Business Machines IBM. IBM Maximo Spatial Asset Management suffers from a server-side request forgery vulnerability that can be exploited by a remote attacker to submit a...

5.4CVSS6.5AI score0.00042EPSS

Exploits0References3

Positive Technologies•added 2024/01/18 12:0 a.m.•2 views

PT-2024-12320 · Ibm · Ibm Maximo Spatial Asset Management

Name of the Vulnerable Software and Affected Versions: IBM Maximo Spatial Asset Management version 8.10 Description: The issue allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. This is due to a...

5.4CVSS5.2AI score0.00042EPSS

Exploits0References6

NCSC•added 2024/01/18 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Database products

Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Access to system da...

9.8CVSS8.2AI score0.83506EPSS

Exploits14

Tenable Nessus•added 2024/01/18 12:0 a.m.•279 views

Oracle Database Server (January 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easi...

9.8CVSS7AI score0.9439EPSS

Exploits32References19

Qualys Blog•added 2024/01/17 3:29 p.m.•88 views

Oracle Patch Update, January 2024 Security Update Review

Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, includin...

10CVSS10AI score0.94436EPSS

Exploits69

IBM Security Bulletins•added 2024/01/15 5:15 p.m.•20 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to Blind Server-Side Request Forgery (CVE-2023-32337)

Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to Blind Server-Side Request Forgery CVE-2023-32337 Vulnerability Details CVEID:CVE-2023-32337 DESCRIPTION: IBM Maximo Spatial Asset Management is vulnerable to server-side request forgery SSRF. This may allow an...

5.4CVSS5.3AI score0.00042EPSS

Exploits0Affected Software1

OSV•added 2023/12/07 8:15 p.m.•1 views

ALPINE-CVE-2023-49465

Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function at motion.cc...

8.8CVSS7.3AI score0.0012EPSS

Exploits1References1

OSV•added 2023/12/07 8:15 p.m.•1 views

UBUNTU-CVE-2023-49465

Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function at motion.cc...

8.8CVSS6.7AI score0.0012EPSS

Exploits1References4

AlpineLinux•added 2023/12/07 12:0 a.m.•37 views

CVE-2023-49465

Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function at motion.cc...

8.8CVSS8.6AI score0.0012EPSS

Exploits1

Positive Technologies•added 2023/11/23 12:0 a.m.•2 views

PT-2023-8338 · Libde265 +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.14 Description: The issue is related to a heap-buffer-overflow vulnerability in the derive spatial luma vector prediction function. This vulnerability may allow a remote attacker to impact the confidentiality, integrity,...

10CVSS7.4AI score0.0051EPSS

Exploits6References65

Tenable Nessus•added 2023/10/20 12:0 a.m.•148 views

Oracle Database Server (October 2023 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle Spatial and Graph cURL component of Oracle Database Server. Supported versions that are affected are 19.3-19.2...

7.5CVSS6.4AI score0.14467EPSS

Exploits16References23

NCSC•added 2023/10/19 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Oracle has...

7.5CVSS7.6AI score0.14467EPSS

Exploits7

OSV•added 2023/08/30 2:1 p.m.•5 views

OSV-2023-769 Index-out-of-bounds in derive_spatial_luma_vector_prediction

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61844 Crash type: Index-out-of-bounds Crash state: derivespatiallumavectorprediction filllumamotionvectorpredictors motionvectorsandrefindices...

7.2AI score

Exploits0References1