📦 Maximo Application Suite

by IBM

⚠️ Known Vulnerabilities

CVE-2025-36386

CRITICAL CVSS 9.8 Oct 28, 2025

CVE-2025-36386 is an authentication bypass vulnerability in IBM Maximo Application Suite that allows remote attackers to gain unauthorized access without valid credentials. This affects IBM Maximo App...

CVE-2025-2898

HIGH CVSS 7.5 May 6, 2025

This vulnerability in IBM Maximo Application Suite 9.0 allows authenticated attackers to escalate their privileges due to misconfigured Role-Based Access Control (RBAC) settings. Attackers with some i...

CVE-2024-22328

HIGH CVSS 7.5 Apr 6, 2024

This vulnerability allows remote attackers to perform directory traversal attacks on IBM Maximo Application Suite systems. By sending specially crafted URL requests containing 'dot dot' sequences (/.....

CVE-2024-27266

HIGH CVSS 8.2 Mar 14, 2024

IBM Maximo Application Suite 7.6.1.3 contains an XML External Entity (XXE) vulnerability that allows attackers to read sensitive files from the server or cause denial of service through resource exhau...

CVE-2023-43037

MEDIUM CVSS 6.5 Apr 10, 2025

This vulnerability in IBM Maximo Application Suite allows authenticated users to perform unauthorized actions due to improper input validation. It affects Maximo Application Suite versions 8.11 and 9....

CVE-2025-1500

MEDIUM CVSS 5.5 Apr 5, 2025

This vulnerability in IBM Maximo Application Suite 9.0 allows authenticated users to upload files with dangerous extensions that could be executed by other users. Attackers could potentially execute m...

CVE-2024-35148

MEDIUM CVSS 6.3 Jan 25, 2025

This SQL injection vulnerability in IBM Maximo Application Suite's Monitor Component allows remote attackers to execute arbitrary SQL commands. Successful exploitation could enable attackers to read, ...

CVE-2024-35144

MEDIUM CVSS 5.3 Jan 25, 2025

IBM Maximo Application Suite's Monitor Component stores source code files on the web server that could be accessed by attackers. This information disclosure vulnerability could help attackers understa...

CVE-2024-38314

MEDIUM CVSS 5.9 Oct 24, 2024

IBM Maximo Application Suite Monitor Component versions 8.10, 8.11, and 9.0 contain a hard-coded cryptographic key vulnerability. This allows attackers who have already compromised the environment to ...