Lucene search
K

21251 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:47 a.m.41 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

9.9CVSS10AI score0.8833EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:42 a.m.48 views

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details CVEID:CVE-2024-31883 DESCRIPTION: IBM Security Verify Access, under certain configurations, could allow an unauthenticated...

7.5CVSS7.6AI score0.03028EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:40 a.m.47 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details CVEID:CVE-2024-22017 DESCRIPTION: Node.js could allow a local attacker to gain elevated privileges on the system, caused by the failure of setuid to drop all privileges due to...

10CVSS8.4AI score0.01309EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:38 a.m.42 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for May 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details CVEID:CVE-2024-21501 DESCRIPTION: Node.js sanitize-html module could allow a remote attacker to obtain...

9.8CVSS10AI score0.05276EPSS
Exploits7Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:37 a.m.82 views

Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift

Summary IBM Spectrum Protect Plus Container backup and restore for OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Redis, urllib3, dnspython and gunicorn. Vulnerabilities include denial of service, cross-site scripting, gain elevated privileges on the system, allow a...

9.8CVSS9.9AI score0.4292EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:37 a.m.66 views

Security Bulletin: IBM Operational Decision Manager for April 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2014-0114...

9.8CVSS9.9AI score0.95821EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:34 a.m.57 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

9.8CVSS9.7AI score0.17673EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:28 a.m.80 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-30203 DESCRIPTION: GNU Emacs could provide weaker than expected security,...

9.8CVSS9.9AI score0.01323EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:27 a.m.75 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2019-13224 DESCRIPTION: oniguruma is vulnerable to a denial of service, caused by ...

9.8CVSS9.6AI score0.27095EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:23 a.m.21 views

Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by ...

9.8CVSS9.4AI score0.19193EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:22 a.m.45 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081

Summary IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081. This bulletin contains information regarding the vulnerability and its fixture...

7.5CVSS7.1AI score0.76875EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:20 a.m.72 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-42503 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of...

9.8CVSS9.5AI score0.07269EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:18 a.m.74 views

Security Bulletin: IBM Operational Decision Manager for January 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-34054...

9.8CVSS8.5AI score0.764EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:17 a.m.78 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF031 and 23.0.2-IF003. Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions,...

9.8CVSS9.7AI score0.93305EPSS
Exploits8Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:16 a.m.42 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-38263 DESCRIPTION: IBM SOAR QRadar Plugin App could allow an...

9.8CVSS7.6AI score0.01207EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:13 a.m.14 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Plugin Framework for Java (PF4J)

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Plugin Framework for Java PF4J. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-40828 DESCRIPTION: Plugin Framework for Java PF4J coul...

7.5CVSS7.9AI score0.01492EPSS
Exploits2Affected Software1
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.5 views

Measuring Computational Universality of Fully Homomorphic Encryption

Many real-world applications, such as machine learning and graph analytics, involve combinations of linear and non-linear operations. As these applications increasingly handle sensitive data, there is a significant demand for privacy-preserving computation techniques capable of efficiently...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.4 views

Making Acoustic Side-Channel Attacks on Noisy Keyboards Viable with LLM-Assisted Spectrograms' "Typo" Correction

The large integration of microphones into devices increases the opportunities for Acoustic Side-Channel Attacks ASCAs, as these can be used to capture keystrokes' audio signals that might reveal sensitive information. However, the current State-Of-The-Art SOTA models for ASCAs, including...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.3 views

The Obvious Invisible Threat: LLM-Powered GUI Agents' Vulnerability to Fine-Print Injections

A Large Language Model LLM powered GUI agent is a specialized autonomous system that performs tasks on the user's behalf according to high-level instructions. It does so by perceiving and interpreting the graphical user interfaces GUIs of relevant apps, often visually, inferring necessary sequenc...

6.8AI score
Exploits0
OSV
OSV
added 2025/04/14 11:3 a.m.7 views

BIT-GIT-2024-52005 The sideband payload is passed unfiltered to the terminal in git

Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the...

8.8CVSS8.3AI score0.00494EPSS
Exploits1References3
Rows per page
Query Builder