Summary: IBM® Db2® is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB or larger table. Vulnerability Details: CVEID: CVE-2023-40687. DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a...
7.5CVSS
7.6AI Score
0.001EPSS
Summary: IBM® Db2® is vulnerable to denial of service under extreme stress conditions. Vulnerability Details: CVEID: CVE-2023-40692. DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service under extreme stress conditions. CVSS Base...
7.5CVSS
7.8AI Score
0.001EPSS
Summary: IBM® Db2® is affected by multiple vulnerabilities in the open source zlib library. Vulnerability Details: CVEID: CVE-2018-25032. DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote...
9.8CVSS
9.6AI Score
0.473EPSS
Security Bulletin: IBM® Db2® is vulnerable to privilege escalation with DATAACCESS. (CVE-2023-38003)
Summary: IBM® Db2® could allow a user with DATAACCESS privileges to execute routines that they should not have access to. Vulnerability Details: CVEID: CVE-2023-38003. DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user with DATAACCESS privileges to...
7.2CVSS
7.5AI Score
0.001EPSS
Summary: There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM Business Automation Workflow (CVE-2023-22045, CVE-2023-22049). Vulnerability Details: CVEID: CVE-2023-22045. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component...
3.7CVSS
6.6AI Score
0.001EPSS
Product Explained: Memcyco's Real-Time Defense Against Website Spoofing
Hands-On Review: Memcyco's Threat Intelligence Solution. Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing...
6.9AI Score
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details: CVEID:...
5.9CVSS
7.1AI Score
0.001EPSS
Intel BIOS Firmware CVE-2022-30704 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via...
7.2CVSS
7.3AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2022-30539 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access....
7.5CVSS
8AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2022-32231 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access....
7.5CVSS
7.4AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2021-0187 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
8.2CVSS
7.5AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2022-26837 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
7.5CVSS
7.4AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2022-26343 (INTEL-SA-00717)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00717 advisory. Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access....
8.2CVSS
7.4AI Score
0.0004EPSS
Debian DLA-3690-1 : intel-microcode - LTS security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3690 advisory. Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of...
8.8CVSS
7.8AI Score
0.0004EPSS
Summary: Vulnerabilities (CVE-2023-22045, CVE-2023-22049) exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Storage Protect Server, which may be affected by these vulnerabilities. Vulnerability Details: CVEID: CVE-2023-22045. DESCRIPTION: An unspecified vulnerability in...
3.7CVSS
6.7AI Score
0.001EPSS
Wordfence CLI 2.1.0 Adds Email Capability and Unattended Configuration
Note: This post refers to Wordfence CLI, the command line tool for operations teams to rapidly scan large numbers of WordPress websites for vulnerabilities and malware, not the Wordfence plugin which is deeply integrated into WordPress and provides additional functionality, like a firewall,...
7.4AI Score
Security Bulletin: Multiple vulnerabilities in IBM Liberty for Java for IBM Cloud
Summary: There are vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM Liberty for Java for IBM Cloud. This product has addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to...
9.8CVSS
7.4AI Score
0.732EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
5.5AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
5.7AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
7.6AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
5.7AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
5.5CVSS
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
5.5CVSS
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
5.5AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
7.3AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
5.8AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
5.6AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
5.5CVSS
7.4AI Score
0.0004EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
5.5CVSS
7.5AI Score
0.0004EPSS
CVE-2023-50268 jq has stack-based buffer overflow in decNaNs
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
6.7AI Score
0.0004EPSS
CVE-2023-50246 jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
6.7AI Score
0.0004EPSS
Summary: There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details: CVEID: CVE-2023-22081. DESCRIPTION: An...
5.9CVSS
7.4AI Score
0.001EPSS
Summary: There are multiple vulnerabilities in Java™ Technology Edition used by the Elastic Storage Server. Fixes for all these vulnerabilities are available. Vulnerability Details: CVEID: CVE-2023-22045. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could...
9.1CVSS
9AI Score
0.002EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Oct 2023. Vulnerability Details: CVEID: CVE-2023-22081. DESCRIPTION: An unspecified vulnerability in...
5.9CVSS
7.2AI Score
0.001EPSS
[SECURITY] Fedora 38 Update: libreoffice-7.5.9.2-1.fc38
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. ...
8.8CVSS
8.8AI Score
0.001EPSS
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the...
4.6CVSS
0.001EPSS
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain...
4.7CVSS
4.8AI Score
0.0004EPSS
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the...
4.8CVSS
4.7AI Score
0.001EPSS
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain...
4.7CVSS
0.0004EPSS
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a...
4.7CVSS
0.0004EPSS
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a...
6.3CVSS
4.8AI Score
0.0004EPSS
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain...
4.7CVSS
7.2AI Score
0.0004EPSS
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a...
4.7CVSS
7.1AI Score
0.0004EPSS
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the...
4.6CVSS
7.1AI Score
0.001EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this...
6.2CVSS
7.7AI Score
0.0004EPSS
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain...
4CVSS
5.2AI Score
0.0004EPSS
Fedora: Security Advisory for libreoffice (FEDORA-2023-0d971cd6aa)
The remote host is missing an update for...
8.8CVSS
8.8AI Score
0.001EPSS
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this...
6.2CVSS
7.4AI Score
0.0004EPSS
Intel BIOS Firmware CVE-2023-25756 (INTEL-SA-00924)
The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00924 advisory. Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent...
8CVSS
7.7AI Score
0.0004EPSS
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the...
4.8CVSS
5.3AI Score
0.001EPSS