Lucene search
K

886 matches found

OSV
OSV
added 2023/02/03 12:15 a.m.3 views

CVE-2022-38389

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

9.1CVSS5.8AI score0.01286EPSS
Exploits0References2
NVD
NVD
added 2023/02/03 12:15 a.m.27 views

CVE-2022-38389

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

9.1CVSS8.1AI score0.01286EPSS
Exploits0References2
OSV
OSV
added 2023/02/03 12:15 a.m.3 views

CVE-2022-22486

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328...

9.1CVSS5.8AI score0.01365EPSS
Exploits0References2
NVD
NVD
added 2023/02/03 12:15 a.m.38 views

CVE-2022-22486

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328...

10CVSS9.2AI score0.01365EPSS
Exploits0References2
Prion
Prion
added 2023/02/03 12:15 a.m.16 views

Xxe

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328...

6.4CVSS8.8AI score0.01365EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/03 12:15 a.m.19 views

Xxe

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

6.4CVSS8.8AI score0.01286EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.4 views

IBM Tivoli Workload Scheduler 代码问题漏洞

IBM Tivoli Workload Scheduler is a suite of enterprise task scheduling software from International Business Machines IBM. The software supports planning, executing and tracking jobs across multiple platforms and environments. A code issue vulnerability exists in IBM Tivoli Workload Scheduler...

9.1CVSS8.3AI score0.01286EPSS
Exploits0References3
CVE
CVE
added 2023/02/02 6:0 p.m.76 views

CVE-2022-38389

CVE-2022-38389 affects IBM Tivoli Workload Scheduler versions 9.4, 9.5, and 10.1, where XML data processing is vulnerable to XML External Entity (XXE) injection. The root cause is XXE handling during XML processing, exposing potential disclosure of sensitive information and memory resource consum...

9.1CVSS8.1AI score0.01286EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/02 6:0 p.m.6 views

CVE-2022-38389 IBM Tivoli Workload Scheduler XML external entity injection

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

7.1CVSS6.7AI score0.01286EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/02 6:0 p.m.29 views

CVE-2022-38389 IBM Tivoli Workload Scheduler XML external entity injection

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

7.1CVSS8.9AI score0.01286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/02 5:45 p.m.7 views

CVE-2022-22486 IBM Tivoli Workload Scheduler XML external entity injection

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328...

10CVSS9AI score0.01365EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/02 5:45 p.m.37 views

CVE-2022-22486 IBM Tivoli Workload Scheduler XML external entity injection

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328...

10CVSS9.1AI score0.01365EPSS
Exploits0References2
CVE
CVE
added 2023/02/02 5:45 p.m.67 views

CVE-2022-22486

IBM Tivoli Workload Scheduler (versions 9.4, 9.5, 10.1) is vulnerable to an XML External Entity (XXE) injection when processing XML data. Root cause: XXE in XML processing. Impact per sources: potential exposure of sensitive information and resource consumption. Remediation in connected documents...

10CVSS9AI score0.01365EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/02 12:0 a.m.12 views

PT-2023-12701 · Ibm · Ibm Tivoli Workload Scheduler

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Workload Scheduler versions 9.4 through 10.1 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to expose sensitive information or consume...

10CVSS9.2AI score0.01365EPSS
Exploits0References4
Fedora
Fedora
added 2023/01/31 1:38 a.m.35 views

[SECURITY] Fedora 36 Update: rust-resctl-bench-2.1.2-8.fc36

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

7.8CVSS7.3AI score0.00782EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:56 p.m.34 views

Security Bulletin: IBM Workload Scheduler potentially affected by jsoup XSS attacks (CVE-2022-36033)

Summary IBM Workload Scheduler is vulnerable to XSS attacks caused by jsoup, which may incorrectly sanitize HTML including javascript: URL expressions. Vulnerability Details CVEID:CVE-2022-36033 DESCRIPTION: jsoup is vulnerable to cross-site scripting, caused by improper validation of user-suppli...

6.1CVSS6.5AI score0.01208EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:54 p.m.35 views

Security Bulletin: Due to the use of WebSphere Application Server Liberty, IBM Workload Scheduler is vulnerable to HTTP header injection

Summary WebSphere Application Server Liberty is vulnerable to HTTP header injection CVE-2022-34165. This has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 throug...

5.4CVSS5.6AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:54 p.m.32 views

Security Bulletin: IBM Workload Scheduler potentially affected by vulnerability in Eclipse Openj9 (CVE-2021-41041)

Summary Eclipse Openj9 is vulnerable to attacks bypassing security restrictions that can potentially affect IBM Workload Scheduler 9.5 and IBM Workload Scheduler 10.1 Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security...

5.3CVSS5.4AI score0.00985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:53 p.m.34 views

Security Bulletin: IBM Workload Scheduler potentially affected by multiple vulnerabilities in jackson-databind (CVE-2022-42003, CVE-2022-42004)

Summary FasterXML jackson-databind is vulnerable to denial of service attacks that can potentially affect IBM Workload Scheduler 9.5 and IBM Workload Scheduler 10.1 Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a...

7.5CVSS7.2AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:50 p.m.40 views

Security Bulletin: IBM Workload Scheduler potentially affected by parsing issue with binary data in protobuf-java core (CVE-2022-3171)

Summary A parsing issue with binary data in protobuf-java core can lead to a denial of service attack and potentially affects IBM Workload Scheduler 9.5 and IBM Workload Scheduler 10.1 Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of...

7.5CVSS7AI score0.01048EPSS
Exploits0Affected Software1
Rows per page
Query Builder