Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These may affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application...
8.1CVSS
1.1AI Score
0.003EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. These might affect some configurations of Liberty for Java for IBM Cloud. These products have addressed the applicable CVEs. If you run your own Java code using....
5.9CVSS
1.2AI Score
0.002EPSS
Summary Multiple Vulnerabilities in IBM® SDK, Java™ Technology Edition affect Liberty for Java July 2020 CPU. Vulnerability Details ** CVEID: CVE-2020-14583 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause...
8.3CVSS
0.7AI Score
0.003EPSS
Security Bulletin: NVIDIA CUDA Toolkit - October 2022
NVIDIA has released a software update for NVIDIA® CUDA® Toolkit software. This update addresses security issues that may lead to code execution, denial of service, or information disclosure. To protect your system, download and install this software update from the CUDA Toolkit Downloads page. Go.....
4.4CVSS
3.8AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2022-21496 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JNDI...
5.3CVSS
1AI Score
0.001EPSS
Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM QRadar SIEM
Summary A vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by IBM QRadar SIEM. IBM QRadar SIEM has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2022-21299 DESCRIPTION: An unspecified vulnerability in Java SE related...
5.3CVSS
1.9AI Score
0.002EPSS
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK....
5.3CVSS
0.8AI Score
0.002EPSS
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK....
5.3CVSS
1AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of...
5.3CVSS
2.4AI Score
0.001EPSS
Why Imperva is a Cybersecurity Awareness Month Champion
This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the key...
0.3AI Score
Summary IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat (CVE-2022-21496) due to the use of IBM® SDK Java™ Technology Edition, Version 8. The SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud...
5.3CVSS
0.9AI Score
0.001EPSS
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s)...
5.9CVSS
1.9AI Score
0.004EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable CVEs. These issues were disclosed in the Oracle January 2022 Critical Patch Update, minus...
5.3CVSS
2.5AI Score
0.002EPSS
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s)...
5.3CVSS
1.9AI Score
0.001EPSS
Summary CVE-2021-35561 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details ** CVEID: CVE-2021-35561 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of...
5.3CVSS
0.2AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections. Vulnerability Details ** CVEID:...
5.3CVSS
0.8AI Score
0.001EPSS
Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks
Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. "Key activities are data leaking and selling, including officials' phone...
1.4AI Score
The secrets of Schneider Electric’s UMAS protocol
UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP and BMEH) and Modicon M340 CPU (part numbers BMXP34*)....
9.8CVSS
1.3AI Score
0.004EPSS
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0
CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light Protocol (TLP) Version 1.0 to TLP 2.0. Managed by the Forum of Incident Response and Security Teams (FIRST), TLP....
0.7AI Score
Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21299 DESCRIPTION: **An unspecified vulnerability in Java SE related to.....
5.3CVSS
0.6AI Score
0.002EPSS
Summary There is a vulnerability in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2021-35561 DESCRIPTION: **An unspecified...
5.3CVSS
1.4AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2022-21496 DESCRIPTION: **An unspecified.....
5.3CVSS
1.6AI Score
0.001EPSS
Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by SPSS Collaboration and Deployment Services. This issue has been addressed. Vulnerability Details ** CVEID: CVE-2022-21496 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JNDI component could.....
5.3CVSS
0.8AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2022-21541 DESCRIPTION:.....
5.9CVSS
2AI Score
0.002EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Apr 2022 (includes Oracle April 2022 CPU). The fix includes IBM...
5.3CVSS
1.5AI Score
0.002EPSS
Summary There is a vulnerability in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details ** CVEID: CVE-2022-21299 DESCRIPTION: **An unspecified...
5.3CVSS
1AI Score
0.002EPSS
Abstract The IMS™ Connect API for Java™ component of IMS Enterprise Suite version 2.2 contains a frame injection vulnerability for Javadoc™. Content VULNERABILITY DETAILS CVE ID: CVE-2013-1571 DESCRIPTION HTML documentation generated by the Javadoc tool contains a security vulnerability. The...
-0.1AI Score
0.904EPSS
Abstract IBM InfoSphere Streams makes use of IBM Java SE Version 6 SR12 SDK. Potential security exposures exist in IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK. Content VULNERABILITY DETAILS: CVE-2013-0440, CVE-2013-0443 **DESCRIPTION: ** Vulnerabilities in the...
AI Score
0.067EPSS
Security Bulletin: IBM DB2 Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)
Abstract Java API Documentation contains a frame injection vulnerability. Content **VULNERABILITY DETAILS: ** **CVEID: ** CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious...
AI Score
0.904EPSS
Abstract Vulnerability in IBM DB2 could allow an authenticated user to cause a stack-based buffer overflow and possibly attain remote code execution. Content VULNERABILITY DETAILS CVE ID: CVE-2012-4826 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability that...
-0.4AI Score
0.121EPSS
Security Bulletin: IBM DB2 is impacted by a vulnerability in the IBM GSKit library (CVE-2013-0169).
Abstract GSKit is used by IBM DB2 for SSL support. The version of GSKit iused by DB2 is vulnerable to the “Lucky Thirteen” security vulnerability. By default, DB2 does not use SSL for client-server communication and therefore DB2 is vulnerable only if SSL is enabled. Content VULNERABILITY...
0.4AI Score
0.005EPSS
Abstract Issues disclosed in the Oracle October 2013 Java SE Critical Patch Update, plus 6 additional vulnerabilities Content VULNERABILITY DETAILS: CVE IDs: CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-4041 CVE-2013-5375 CVE-2013-5372 CVE-2013-5843 CVE-2013-5789 CVE-2013-5830 CVE-2013-5829.....
0.8AI Score
0.143EPSS
Abstract The SOAP Gateway component of IMS™ Enterprise Suite versions 1.1, 2.1, and 2.2 is affected by multiple vulnerabilities in IBM® Java™ and could allow remote, arbitrary command execution. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability...
1.5AI Score
0.067EPSS
Security Bulletin: Privilege escalation vulnerability in IBM DB2's Audit Facility (CVE-2013-3475).
Abstract Vulnerability in IBM DB2's Audit Facility could allow an escalation of privilege attack. Content VULNERABILITY DETAILS CVE ID: CVE-2013-3475 Description: The IBM DB2 products listed below contain a security vulnerability in the DB2 Audit Facility which allows an attacker to gain DB2...
0.2AI Score
0.0004EPSS
Security Bulletin: IBM DB2 Security Vulnerability in the UTL_FILE module (CVE-2012-3324).
Abstract Vulnerability in IBM DB2 could allow an authenticated user, without proper authorization, to view, modify and delete any file. Content VULNERABILITY DETAILS CVE ID: CVE-2012-3324 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability that could allow an...
-0.1AI Score
0.002EPSS
Security Bulletin: Denial of Service Security Vulnerability in DB2’s XML Feature. (CVE-2012-0712)
Abstract Vulnerability in IBM DB2’s XML Feature could allow a remote attacker to cause the database server to crash. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0712 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability in DB2’s XML Feature which could allow a...
-0.2AI Score
0.007EPSS
Abstract Vulnerability in IBM DB2 Administrator Server could allow an escalation of privilege attack. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0711 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability in the DB2 Administration Server (DAS) which would allow...
AI Score
0.139EPSS
Security Bulletin: DB2 Denial of Service Vulnerability in DRDA (CVE-2012-0710)
Abstract Vulnerability in IBM DB2 server products could allow a specially-crafted DRDA request to crash the server. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0710 DESCRIPTION: A vulnerability in the IBM DB2 products listed below could allow an unauthenticated, remote attacker to sent a...
0.3AI Score
0.073EPSS
Abstract Vulnerability in IBM DB2 XML Feature could allow a remote attacker to view XML files owned by the DB2 instance owner. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0713 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability in the DB2 XML Feature which...
-0.2AI Score
0.001EPSS
Security Bulletin: DB2 Denial of Service Vulnerability in DRDA (CVE-2012-2180)
Abstract Vulnerability in IBM DB2 server products could allow a specially-crafted DRDA request to cause disruption to the server. Content VULNERABILITY DETAILS CVE ID: CVE-2012-2180 DESCRIPTION: A vulnerability in the IBM DB2 products listed below could allow an unauthenticated, remote...
-0.1AI Score
0.007EPSS
Security Bulletin: Unauthorized Access to Table Vulnerability in DB2 (CVE-2012-0709)
Abstract Vulnerability in IBM DB2 could allow an authenticated user to view data from a table to which they do not have privilege. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0709 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability which would allow an...
AI Score
0.008EPSS
Security Bulletin: Vulnerability in SSLv3 affects IBM Data Studio Web Console (CVE-2014-3566)
Abstract SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Data Studio Web Console. Content Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: IBM Data Studio Web Console could allow a...
3.4CVSS
4AI Score
0.975EPSS
Abstract There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, IBM SDK, Java Technology Edition, Version 7 Service Refresh 8 that is used the following IMS™ Enterprise Suite components: Connect API for Java, SOAP Gateway, and Explorer for Development. These issues were disclosed....
5.3AI Score
0.698EPSS
Abstract Java™ API Documentation contains a frame injection vulnerability. Content **VULNERABILITY DETAILS: ** CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to...
0.2AI Score
0.904EPSS
Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in IBM WebSphere Lombardi Edition. Content **VULNERABILITY DETAILS: ** **DESCRIPTION: ** This Security Bulletin addresses the security vulnerabilities...
-0.2AI Score
0.904EPSS
Abstract Java™ API Documentation contains a frame injection vulnerability. Content **VULNERABILITY DETAILS: ** CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link...
-0.1AI Score
0.904EPSS
Abstract Java™ API Documentation contains a frame injection vulnerability. Content **VULNERABILITY DETAILS: ** CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to...
0.2AI Score
0.904EPSS
Abstract IMS™ Enterprise Suite SOAP Gateway V1.1, V2.1, and V2.2 security vulnerabilities in SSL connections and login processes. Content Security Bulletin: Multiple vulnerabilities exist in IMS Enterprise Suite SOAP Gateway (CVE-2012-5785, CVE-2013-0483) SUMMARY: IMS™ Enterprise Suite SOAP...
0.4AI Score
0.002EPSS
Abstract Java™ API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS CVEID CVE-2013-1571 DESCRIPTION HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...
AI Score
0.904EPSS
Abstract Java™ API Documentation contains a frame injection vulnerability. Content **VULNERABILITY DETAILS: ** CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to...
0.1AI Score
0.904EPSS