BD Pyxis™ MedBank Security Vulnerabilities
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
5.3CVSS
6.8AI Score
0.001EPSS
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of...
8.8CVSS
8.6AI Score
0.001EPSS
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of...
8.8CVSS
8.6AI Score
0.001EPSS
Security Bulletin: NVIDIA DCGM - March 2023
NVIDIA has released a software update for NVIDIA® Data Center GPU Manager (DCGM). The update addresses security issues that may lead to denial of service and data tampering. To protect your system, download and install the latest DCGM release from the CUDA repositories. Go to NVIDIA Product...
8.4CVSS
7AI Score
0.0004EPSS
Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE and we recommend updating to the latest version to remediate....
3.7CVSS
4.2AI Score
0.002EPSS
Security Bulletin: NVIDIA GPU Display Driver - March 2023
NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. To protect your system, download and install this software update...
8.8CVSS
6.6AI Score
0.001EPSS
Summary Vulnerabilities in the IBM® Runtime Environment Java™ Technology Edition affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The...
7.4CVSS
0.9AI Score
0.027EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issue was disclosed as part of the IBM Java SDK updates in Jan 2015. Vulnerability Details CVEID: CVE-2014-6593 DESCRIPTION: A...
5.2AI Score
0.698EPSS
Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. This issue was disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An...
4.8AI Score
0.009EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed as part of the IBM Java SDK updates in October 2015. SAN Volume Controller and Storwize Family has addressed.....
6AI Score
0.008EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed as part of the IBM Java SDK updates in January 2016. SAN Volume Controller and Storwize Family has addressed.....
5.5AI Score
0.004EPSS
Summary A vulnerability in the IBM® Runtime Environment Java™ Technology Edition affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The...
7.5CVSS
1.2AI Score
0.003EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issue was disclosed as part of the IBM Java SDK updates in Apr 2015. Vulnerability Details CVEID:CVE-2015-0488 DESCRIPTION:An...
5.2AI Score
0.948EPSS
Summary Multiple vulnerabilities in the IBM® Runtime Environment Java™ Technology Edition affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The....
5.6CVSS
0.9AI Score
0.018EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products . These issues were disclosed as part of the IBM Java SDK updates in February 2017. The applicable CVEs are...
7.5CVSS
0.7AI Score
0.005EPSS
Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2022-21626 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component...
5.3CVSS
1AI Score
0.002EPSS
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition and Apache Tomcat affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java....
7.5CVSS
0.6AI Score
0.148EPSS
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An.....
5.5CVSS
5.9AI Score
0.008EPSS
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could.....
5.9CVSS
0.8AI Score
0.002EPSS
Microsoft Secure: Explore innovations transforming the future of security
Building a more secure future requires an end-to-end approach. There is no question that technology plays an essential role, but security will always be human-centered. That’s what Microsoft Secure is all about. It’s about sharing knowledge, best practices, and technology innovations that empower.....
6.9AI Score
Microsoft Secure: Explore innovations transforming the future of security
Building a more secure future requires an end-to-end approach. There is no question that technology plays an essential role, but security will always be human-centered. That’s what Microsoft Secure is all about. It’s about sharing knowledge, best practices, and technology innovations that empower.....
6.9AI Score
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. The Long Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK framework. Decider makes creating...
6.7AI Score
6.8AI Score
7.4AI Score
6.8AI Score
Imperva recognized as a Strong Performer in Forrester Wave: Data Security Platforms, Q1 2023
The Forrester Wave evaluated the largest end-to-end providers of data security capabilities across a wide range of functionality to enable controls to enforce data security policies for both structured and unstructured data. In this report, Forrester provides an assessment of the top vendors in...
6.4AI Score
Security Bulletin: NVIDIA DGX-2, DGX Station A100, and DGX A100 - March 2023
NVIDIA has released a firmware security update for the NVIDIA DGX-2™ server, DGX A100 server, and DGX Station A100. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, loss of data integrity, information disclosure, or data tampering. To...
8.8CVSS
8.4AI Score
0.001EPSS
Microsoft recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023
Organizations need to protect their sensitive data including intellectual property, trade secrets, customer data, and personally identifiable information from both insiders and external cyber attackers. In fact, 80 percent of organizations experience more than one data breach in their lifetime.1...
6.5AI Score
Microsoft recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023
Organizations need to protect their sensitive data including intellectual property, trade secrets, customer data, and personally identifiable information from both insiders and external cyber attackers. In fact, 80 percent of organizations experience more than one data breach in their lifetime.1...
6.5AI Score
Summary Vulnerabilities in IBM® SDK Java™ Technology Edition potentially affect IBM Workload Scheduler. These vulnerabilities have been addressed. Vulnerability Details ** CVEID: CVE-2022-21628 DESCRIPTION: **Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP...
5.3CVSS
0.6AI Score
0.002EPSS
Trellix HAX 2023 Capture the Flag Results!
Trellix HAX 2023 Capture the Flag Results! By Mark Bereza · March 17, 2023 This story was also written by Jesse Chick. All good things must come to an end, and our annual CTF is unfortunately no exception. When this competition began, we asked each of you to try your hand at 12 new challenges –...
6.7AI Score
Trellix HAX 2023 Capture the Flag Results!
Trellix HAX 2023 Capture the Flag Results! By Mark Bereza · March 17, 2023 This story was also written by Jesse Chick. All good things must come to an end, and our annual CTF is unfortunately no exception. When this competition began, we asked each of you to try your hand at 12 new challenges –...
7AI Score
Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Version 8 (CVE-2022-21248, CVE-2022-21293, CVE-2022-21294, CVE-2022-21341, CVE-2021-35578, CVE-2021-35603, CVE-2021-35550) and Eclipse Openj9 (CVE-2021-41035) used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.4 Fix....
9.8CVSS
9.5AI Score
0.571EPSS
Rapid7 Threat Command Delivered 311% ROI: 2023 Forrester Consulting Total Economic Impact™ Study
Volume up (and not in a good way) Security teams must continuously contort their efforts to effectively respond to the growing volume of cyberthreats. These constantly shifting methods in the security operations center (SOC) can be difficult to manage in the face of emerging external threats—it...
6.6AI Score
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by WebSphere eXtreme Scale. Vulnerability Details ** CVEID: CVE-2022-21628 DESCRIPTION: **Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a...
5.3CVSS
1.1AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1, 8.0 and 11.0 used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway has addressed a CVE that could allow an unauthenticated attacker...
5.3CVSS
1AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1, 8.0 and 11.0.13 used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway has addressed seven CVEs that can allow denial of service and...
5.3CVSS
0.8AI Score
0.002EPSS
Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2022-21299 that could allow an unauthenticated attacker to cause a denial of service....
5.3CVSS
1.2AI Score
0.002EPSS
Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix removes vulnerabilities CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619 that can allow an unauthenticated attacker to obtain...
5.3CVSS
0.7AI Score
0.002EPSS
Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2023
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to February 2023. IBM 8 SR7 FP20 (1.8.0_351). Vulnerability Details ** CVEID: CVE-2022-3676 ...
6.5CVSS
1.6AI Score
0.002EPSS
Intel® Optane™ DC Persistent Memory for Windows Advisory
Summary: A potential security vulnerability in the Intel® Optane™ DC Persistent Memory for Windows software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-0106 Description: Incorrect default...
2.8AI Score
0.0004EPSS
OpenVINO™ Toolkit for Windows* Permissions Issue Advisory
Summary: A potential security vulnerability in OpenVINO™ Toolkit for Windows may allow escalation of privilege. Intel is releasing OpenVINO™ Toolkit for Windows updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12162**** Description: Directory permissions in.....
1.3AI Score
0.0004EPSS
Intel® RealSense™ DCM Advisory
Summary: A potential security vulnerability in the Intel® RealSense™ Depth Camera Manager (DCM) software may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33119 Description: Improper access control....
4.9AI Score
0.0004EPSS
Intel® Optane™ DC Persistent Memory Module Management Software Advisory
Summary: A potential security vulnerability in Intel® Optane™ DC Persistent Memory Module Management Software may allow escalation of privilege and denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0546...
2.6AI Score
0.0004EPSS
Predictions for 2023 from Latest API Threat Research | API Security Newsletter
March has arrived and is roaring like a very confused lion, at least in the northern hemisphere. And much like in the wild, brood production is increasing. We've already seen some fruits of that labor, such as the Q4-2022 and 2022 Year-End ThreatStats™ Report, and some very tasty product upgrades.....
9.6CVSS
10AI Score
0.972EPSS
2022 Year-End API ThreatStats™ Report
In 2022, the Wallarm Threat Research team went through almost 350,000 reports to find 650 API-specific vulnerabilities, and tracked 115 published exploits impacting these vulnerabilities – all of which could negatively impact your business risk posture. The 2022 Year-End API ThreatStats™ Report...
-0.1AI Score
Intel® XMM™ 7560 Modem Software Advisory
Summary: Potential security vulnerabilities in some Intel® XMM™ 7560 Modem software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-26513 Description: Out-of-bounds write in some Intel(R)...
4.2AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8. that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in October 2015. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An...
5.7AI Score
0.074EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An...
3.1CVSS
1AI Score
0.007EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Bluemix Workflow
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1 that is used by Bluemix Workflow. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL...
3.4CVSS
4.9AI Score
0.975EPSS