Trend Vision One™ - A Cybersecurity Consolidation Path
A single-platform approach delivers value greater than the sum of its...
7.1AI Score
7.1AI Score
Cross-Process Information Leak
Bulletin ID:AMD-SB-7008 Potential Impact:Information disclosure Severity:Medium Summary Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may.....
5.5CVSS
7.1AI Score
0.001EPSS
Security Bulletin: Vulnerability in IBM Java Runtime affects Host On-Demand
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVE. The issue was disclosed as part of the IBM Java SDK and Runtime Environment update from part of Oracle's April 2023 Critical Patch Update......
7.4CVSS
6AI Score
0.002EPSS
Security Bulletin: Vulnerability in IBM Java Runtime affects Host On-Demand
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVEs. This issue was disclosed as part of the IBM Java SDK and Runtime Environment updates in CVE-2023-30441. Vulnerability Details ** CVEID:...
7.5CVSS
5.9AI Score
0.002EPSS
7.1AI Score
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java...
9.1CVSS
7.2AI Score
0.001EPSS
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...
7.1CVSS
6.3AI Score
0.001EPSS
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...
6.5CVSS
6.8AI Score
0.001EPSS
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...
6.5CVSS
6.3AI Score
0.001EPSS
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...
7.1CVSS
7AI Score
0.001EPSS
7.1AI Score
Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!
Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This report provides everyone involved in API development, security and...
7AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
Microsoft Inspire: Partner resources to prepare for the future of security with AI
Cybersecurity is one of the most pressing challenges of our time. With an ever-changing threat landscape and siloed data across multiple security point solutions, defenders have limited visibility. It’s difficult to stay current and find cybersecurity professionals amid the global talent shortage.....
6.7AI Score
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0 and Eclipse Openj9. IBM Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle...
9.1CVSS
8.5AI Score
0.002EPSS
6.8CVSS
6.7AI Score
0.001EPSS
7.1AI Score
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details ** CVEID: CVE-2023-21967 DESCRIPTION: **An...
5.9CVSS
7.7AI Score
0.001EPSS
The firmware update package for the wireless card is not properly signed and can be...
5.7CVSS
5.7AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION:.....
9.1CVSS
8AI Score
0.002EPSS
Summary IBM® Db2® with Federated configuration is vulnerable to arbitrary code execution as Db2 instance owner. Vulnerability Details ** CVEID: CVE-2023-35012 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) with a Federated configuration is vulnerable to a...
6.7CVSS
7.7AI Score
0.0004EPSS
Summary IBM® Db2® federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. Vulnerability Details ** CVEID: CVE-2023-30442 DESCRIPTION: **IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) federated...
7.5CVSS
6.2AI Score
0.001EPSS
Summary IBM® Db2® JDBC driver is vulnerable to multiple remote code execution issues. These vulnerabilties are addressed. Vulnerability Details ** CVEID: CVE-2023-27869 DESCRIPTION: **IBM Db2 JDBC Driver could allow a remote authenticated attacker to execute arbitrary code on the system, caused...
8.8CVSS
8.2AI Score
0.002EPSS
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive...
6.5CVSS
6.3AI Score
0.001EPSS
AMD SEV VM Power Side Channel Security Bulletin
Bulletin ID:AMD-SB-3004 Potential Impact:Information disclosure Severity:Low Summary Researchers have reported a potential power side-channel attack using the Running Average Power Limit (RAPL) interface on AMD SEV VMs. The researchers focused only on the first generation of AMD SEV technology and....
6.5CVSS
6.6AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to...
5.9CVSS
6.4AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. IBM Sterling Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...
9.1CVSS
8AI Score
0.002EPSS
Summary: Potential security vulnerabilities in BIOS firmware for some Intel® Processors may allow escalation of privilege and information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-33894 Description: Improper.....
6.1AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. The CVE(s) listed in this document might affect some configurations of Liberty for Java for IBM Cloud. These products have addressed the applicable CVE(s). If...
9.1CVSS
7.9AI Score
0.002EPSS
7.1AI Score
Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details...
9.1CVSS
7.8AI Score
0.002EPSS
Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details...
9.1CVSS
7.8AI Score
0.002EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Apr 2023. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in...
9.1CVSS
8.1AI Score
0.002EPSS
7.1AI Score
7.1AI Score
7.1AI Score
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM® Java SDK...
6.6AI Score
Summary APM JBoss, APM WebLogic and APM SAP NetWeaver Java™ Stack Agents are vulnerable to Apache Ant(ant-1.7.0.jar, ant-1.8.4.jar) CVE-2021-36373, CVE-2020-1945, CVE-2012-2098, CVE-2020-11979, CVE-2021-36374. The fix includes ant jar upgraded to ant-1.10.13.jar. Vulnerability Details ** CVEID:...
7.5CVSS
6.5AI Score
0.026EPSS
7.1AI Score
7.1AI Score