Lucene search
+L

179 matches found

Microsoft CVE
Microsoft CVE
added 2020/09/25 12:0 a.m.6 views

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

...

7.5CVSS9.3AI score0.05333EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 5:7 p.m.59 views

Security Bulletin: Multiple security vulnerabilities have been Identified In Jackson Databind library shipped with IBM Global Mailbox

Summary Multiple security vulnerabilities have been Identified In Jackson Databind library shipped with IBM Global Mailbox Vulnerability Details CVEID: CVE-2020-8840 DESCRIPTION: An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown...

9.8CVSS0.9AI score0.26587EPSS
Exploits6Affected Software1
OSV
OSV
added 2020/06/02 2:15 p.m.5 views

CVE-2020-4367

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001...

7.5CVSS6.5AI score0.00792EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/05/27 1:15 p.m.28 views

CVE-2020-4350

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424...

5.9CVSS7.3AI score0.00792EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/20 2:38 p.m.36 views

Security Bulletin: A Security vulnerability in Apache Tomcat used by Rational Build Forge (CVE-2017-15706)

Summary There is a potential security vulnerability in the Apache Tomcat used by Rational Build Forge. Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the...

5.3CVSS5.7AI score0.06083EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.45 views

Security Bulletin: Multiple Security Vulnerabilities in Expat affect IBM Netezza Analytics

Summary Expat vulnerabilities were disclosed August and September 2016. Expat is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2012-6702 DESCRIPTION: Expat, when used in a parser that has not called XMLSetHashSalt or passe...

9.8CVSS0.8AI score0.13802EPSS
Exploits3Affected Software1
OSV
OSV
added 2019/09/25 8:15 p.m.5 views

DEBIAN-CVE-2019-15941

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the...

9.8CVSS7.3AI score0.02197EPSS
Exploits0References1
OSV
OSV
added 2019/09/25 8:15 p.m.4 views

UBUNTU-CVE-2019-15941

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the...

9.8CVSS7.3AI score0.02197EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/19 12:39 a.m.57 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple vulnerabilities

Summary IBM Security Privileged Identity Manager has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-1137 DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive...

10CVSS0.7AI score0.93838EPSS
Exploits45Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/02 2:20 a.m.28 views

Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple IBM WebSphere Application Server vulnerabilities(CVE-2017-1137, CVE-2018-1567, CVE-2017-1194)

Summary IBM Security Privileged Identity Manager has addressed the following vulnerabilities related to IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2018-1567 DESCRIPTION: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through th...

9.8CVSS1.6AI score0.0376EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2019/06/25 12:0 a.m.8 views

PT-2019-16931 · Ibm · Ibm Security Access Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager versions 9.0.1 through 9.0.6 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: Fo...

5.9CVSS5.8AI score0.00869EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2019/06/14 9:41 p.m.226 views

Friday Squid Blogging: Climate Change Could be Good for Squid

Basically, they thrive in a high CO2 environment, because it doesn't bother them and makes their prey weaker. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

0.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/29 7:35 a.m.25 views

Security Bulletin: Weaker than expected security in WebSphere Application Server (shipped with Jazz for Service Management) with SP800-131 transition mode (CVE-2018-1996)

Summary There is a potential for weaker than expected security in WebSphere Application Server with SP800-131 transition mode and SSLTLSv2. Vulnerability Details CVEID: CVE-2018-1996 DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security, caused by the improper...

5.3CVSS0.8AI score0.01142EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/19 4:40 p.m.24 views

Security Bulletin: Weaker than expected security in WebSphere Application Server with SP800-131 transition mode shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2018-1996).

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin: Weake...

5.3CVSS2.8AI score0.01142EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/05 5:10 p.m.25 views

Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud

Summary There are multiple security vulnerabilities that affect the IBM WebSphere Application Server in the IBM Cloud. There is a timing window where there could be a privilege escalation vulnerability in WebSphere Application Server. There is a potential remote code execution vulnerability in...

9.8CVSS0.9AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/07 10:55 p.m.18 views

Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments allow legacy SSL/TLS protocols and ciphers to be used (CVE-2018-1545)

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Client and IBM Spectrum Protect for Virtual Environments formerly Tivoli Storage Manager for Virtual Environments, allow legacy SSL/TLS protocols and ciphers to be used. This can result in the use of weaker than expected cryptograph...

7.5CVSS0.8AI score0.00966EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.118 views

Security Bulletin: Vulnerabilities in OpenSSL affect MegaRAID Storage Manager

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs...

5CVSS0.7AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.80 views

Security Bulletin: Vulnerabilities in OpenSSL affect MegaRAID Storage Manager

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs. Vulnerability Details Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL...

7.5CVSS1AI score0.44503EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/29 9:45 p.m.19 views

Security Bulletin: Multiple Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Tivoli Access Manager for e-business

Summary IBM WebSphere Application Server is shipped as a component of Tivoli Access Manager for e-business. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in Security Bulletins. Vulnerability Details Consult the security bulletins listed...

8.8CVSS3.1AI score0.03482EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/28 5:35 p.m.21 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about multiple security vulnerabilities affecting IBM WebSphere Application Server have been published in security...

9.8CVSS0.5AI score0.09254EPSS
Exploits0Affected Software1
Rows per page
Query Builder