Lucene search
K

590 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:2 a.m.35 views

Security Bulletin: CVE-2021-28165 In Eclipse Jetty CPU usage can reach 100% upon receiving a large invalid TLS frame.

Summary CVE-2021-28165 In Eclipse Jetty CPU usage can reach 100% upon receiving a large invalid TLS frame. Vulnerability Details CVEID: CVE-2021-28165 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by improper input valistion. By sending a specially-crafted TLS frame, a...

7.8CVSS0.4AI score0.53861EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:2 a.m.42 views

Security Bulletin: CVE-2021-27568 An issue was discovered in netplex json-smart-v1, an exception is thrown from a function

Summary CVE-2021-27568 An issue was discovered in netplex json-smart-v1, an exception is thrown from a function, may cause programs to crash or expose sensitive info Vulnerability Details CVEID: CVE-2021-27568 DESCRIPTION: Netplex json-smart-v1 and json-smart-v2 are vulnerable to a denial of...

5.9CVSS0.8AI score0.02886EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/07/09 12:0 a.m.15 views

IBM UrbanCode Deploy has an unspecified vulnerability

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications in...

4.9CVSS3AI score0.00642EPSS
Exploits0References1
NVD
NVD
added 2021/07/08 4:15 p.m.15 views

CVE-2021-29711

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4.9CVSS0.00642EPSS
Exploits0References2
Prion
Prion
added 2021/07/08 4:15 p.m.17 views

Code injection

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4CVSS4.4AI score0.00642EPSS
Exploits0References2
CVE
CVE
added 2021/07/08 4:10 p.m.48 views

CVE-2021-29711

CVE-2021-29711 affects IBM UrbanCode Deploy (UCD) versions including 6.2.7.3/4/8/9, 7.0.3.0/4.0/5.4, 7.1.0.0/1.0/1.1/1.2, and 7.1.1.x. The IBM security bulletin notes that an authenticated user with certain permissions could initiate an agent upgrade through the CLI interface, due to inconsistent...

4.9CVSS4.3AI score0.00642EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/08 4:10 p.m.18 views

CVE-2021-29711

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4.9CVSS4.5AI score0.00642EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.3 views

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications in...

4.9CVSS5.8AI score0.00642EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 9:47 p.m.77 views

Security Bulletin: IBM UrbanCode Deploy (UCD) stores keystore passwords in plain after a manuel edit, which can be read by a local user.

Summary IBM UrbanCode Deploy UCD leaves a keystore passwords in plain text after a manual edit, which may be read by a local user. Vulnerability Details CVEID: CVE-2020-4944 DESCRIPTION: IBM UrbanCode Deploy UCD stores keystore passwords in plain in plain text after a manuel edit, which can be re...

5.5CVSS0.3AI score0.00155EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/13 9:10 p.m.63 views

Security Bulletin: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating

Summary XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. Vulnerability Details Refer t...

9.9CVSS4.6AI score0.82136EPSS
Exploits10Affected Software1
CNVD
CNVD
added 2021/03/31 12:0 a.m.8 views

IBM UrbanCode Deploy elevation of privilege vulnerability (CNVD-2021-26382)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

5.5CVSS6.2AI score0.00582EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/31 12:0 a.m.8 views

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24460)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/31 12:0 a.m.8 views

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24459)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

6.2CVSS6.4AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2021/03/30 4:15 p.m.4 views

CVE-2020-4944

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

5.5CVSS6AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2021/03/30 4:15 p.m.14 views

CVE-2020-4848

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

5.5CVSS0.00582EPSS
Exploits0References2
NVD
NVD
added 2021/03/30 4:15 p.m.14 views

CVE-2020-4944

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

5.5CVSS0.00155EPSS
Exploits0References2
NVD
NVD
added 2021/03/30 4:15 p.m.21 views

CVE-2020-4884

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

6.2CVSS0.00172EPSS
Exploits0References2
OSV
OSV
added 2021/03/30 4:15 p.m.9 views

CVE-2020-4848

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

5.4CVSS6.1AI score
Exploits0References2
OSV
OSV
added 2021/03/30 4:15 p.m.4 views

CVE-2020-4884

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References2
Prion
Prion
added 2021/03/30 4:15 p.m.19 views

Code injection

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

5.5CVSS5.2AI score0.00582EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder