Summary Potential Elastic Elasticsearch-Hadoop arbitrary code execution vulnerabilitiy.(CVE-2023-46674)has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
7.8CVSS
7.9AI Score
0.0004EPSS
Summary Potential Golang Go Information disclosure vulnerabilitiy.(CVE-2023-39326) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-39326 DESCRIPTION:...
5.3CVSS
6.5AI Score
0.001EPSS
Summary Potential Golang Go directory transversal vulnerabilitiy.(CVE-2023-45283) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-45283 DESCRIPTION:...
7.5CVSS
7.1AI Score
0.001EPSS
Summary Potential Golang Go Information disclosure vulnerabilitiy.(CVE-2023-39326) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-39326 DESCRIPTION:...
5.3CVSS
6.5AI Score
0.001EPSS
Summary Potential Elastic Elasticsearch denial of service vulnerabilitiy.(CVE-2023-31418) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-31418 ...
7.5CVSS
7.1AI Score
0.001EPSS
Summary Potential Golang Go arbitrary code execution vulnerabilitiy.( CVE-2023-39323) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-39323 DESCRIPTION:...
8.1CVSS
8.1AI Score
0.002EPSS
Summary Potentialcode execution vulnerability in Apache Commons Configuration ( CVE-2024-29131) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
8.5AI Score
0.0004EPSS
Security Bulletin: IBM Resilient SOAR is vulnerable to command injection (CVE-2024-38319)
Summary It was possible for a privileged user to inject malicious commands that could be executed as another user. This issue has been addressed. Vulnerability Details ** CVEID: CVE-2024-38319 DESCRIPTION: **IBM Security SOAR could allow an authenticated user to execute malicious code loaded...
7.5CVSS
7.1AI Score
0.0004EPSS
Summary Potential vulnerabilities in Node.js related to the VM component ( CVE-2023-44487, CVE-2023-45143 ) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details.....
7.5CVSS
7.6AI Score
0.732EPSS
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time...
6.9AI Score
0.0004EPSS
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An...
10CVSS
0.001EPSS
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An...
10CVSS
7.7AI Score
0.001EPSS
Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issue. Vulnerability Details ** CVEID: CVE-2024-25026 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty...
7.5CVSS
7.5AI Score
0.0004EPSS
CVE-2024-6240 Improper privilege management vulnerability in Parallels Desktop
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An...
7.7CVSS
0.001EPSS
CVE-2024-6240 Improper privilege management vulnerability in Parallels Desktop
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An...
7.7CVSS
7.2AI Score
0.001EPSS
Security Bulletin: Multiple Linux Kernel vulnerabilities affect IBM Storage Scale System.
Summary There are multiple vulnerabilities in the Linux Kernel, used by IBM Storage Scale System, which could allow a local authenticated attacker to gain elevated privileges on the system. Fixes for these vulnerabilities are available. CVE-2023-51043, CVE-2024-1086, CVE-2024-0646, CVE-2023-6932,.....
7.8CVSS
8.4AI Score
0.002EPSS
Summary IBM Security SOAR uses an older version of ElasticSearch that may be identified and exploited. An update has been released which addresses these issues. It is recommended upgrading to Version 51.0.2.1 or later of IBM Security SOAR. Vulnerability Details ** CVEID: CVE-2024-23450 ...
7.5CVSS
6.9AI Score
0.005EPSS
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time...
7AI Score
0.0004EPSS
CVE-2024-38659 enic: Validate length of nl attributes in enic_set_vf_port
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....
0.0004EPSS
CVE-2024-38659 enic: Validate length of nl attributes in enic_set_vf_port
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....
7AI Score
0.0004EPSS
CVE-2024-36244 net/sched: taprio: extend minimum interval restriction to entire cycle too
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time...
0.0004EPSS
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: ...
7.8CVSS
0.0004EPSS
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: ...
7.8CVSS
8AI Score
0.0004EPSS
CVE-2024-31890 IBM i privilege escalation
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: ...
7.8CVSS
7AI Score
0.0004EPSS
CVE-2024-31890 IBM i privilege escalation
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: ...
7.8CVSS
0.0004EPSS
CVE-2024-26908 affecting package kernel for versions less than 6.6.29.1-4
CVE-2024-26908 affecting package kernel for versions less than 6.6.29.1-4. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS
CVE-2024-33873 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-33873 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2023-45288 affecting package cri-o for versions less than 1.30.1-1
CVE-2023-45288 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS
CVE-2023-49568 affecting package cri-o for versions less than 1.30.1-1
CVE-2023-49568 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
7.5CVSS
6.9AI Score
0.0005EPSS
CVE-2024-32621 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32621 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29161 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29161 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2019-11835 affecting package libglvnd for versions less than 1.7.0-2
CVE-2019-11835 affecting package libglvnd for versions less than 1.7.0-2. A patched version of the package is...
9.8CVSS
7AI Score
0.005EPSS
CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1
CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1. An upgraded version of the package is available that resolves this...
8.1CVSS
6.9AI Score
0.003EPSS
CVE-2022-2879 affecting package cri-o for versions less than 1.30.1-1
CVE-2022-2879 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2024-32619 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32619 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32620 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32620 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29164 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29164 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29160 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29160 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
5.3CVSS
7.1AI Score
0.0004EPSS
CVE-2024-31852 affecting package llvm for versions less than 18.1.2-3
CVE-2024-31852 affecting package llvm for versions less than 18.1.2-3. A patched version of the package is...
7AI Score
0.0004EPSS
CVE-2023-46853 affecting package memcached for versions less than 1.6.27-1
CVE-2023-46853 affecting package memcached for versions less than 1.6.27-1. An upgraded version of the package is available that resolves this...
9.8CVSS
6.9AI Score
0.001EPSS
CVE-2024-0553 affecting package gnutls for versions less than 3.8.3-1
CVE-2024-0553 affecting package gnutls for versions less than 3.8.3-1. An upgraded version of the package is available that resolves this...
7.5CVSS
7.1AI Score
0.008EPSS