Lucene search
K

454 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 7:8 a.m.27 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to spoofing when using Web Server Plug-ins

Summary The security issue described in CVE-2022-39161 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

5.3CVSS5.3AI score0.00362EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 5:58 a.m.17 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console

Summary The security issue described in CVE-2023-24966 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.1CVSS6.3AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/08 5:52 a.m.23 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server traditional is vulnerable to a denial of service due to Apache Commons FileUpload

Summary The security issue described in CVE-2023-24998 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

7.5CVSS7.9AI score0.46836EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/02 3:17 p.m.45 views

Security Bulletin: Multiple vulnerabilities in IBM Java XML affect IBM Tivoli System Automation Application Manager deferred from Oracle Apr 2022 CPU (CVE-2022-21426)

Summary A flaw in the XML component of IBM Java Technology Edition used by IBM Tivoli System Automation Application Manager has been identified. These issues were disclosed as part of the IBM Java SDK updates in Apr 2022. Vulnerability Details Refer to the security bulletins listed in the...

5.3CVSS6.7AI score0.03203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/02 2:28 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager - Includes Oracle January 2023 CPU (CVE-2023-21830, CVE-2023-21843)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in January 2023. Vulnerability Details Refer to the security bulletins listed in the...

5.3CVSS6AI score0.01357EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/01 8:27 p.m.27 views

Security Bulletin: IBM Edge Application Manager has a vulnerability listed in CVE 2023-28154. IBM has addressed this vulnerability.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in CVE 2023-28154. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the magic comment feature by the...

9.8CVSS9.2AI score0.01421EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 10:20 p.m.53 views

Security Bulletin: IBM Edge Application Manager 4.5.1 addresses multiple security vulnerabilities

Summary IBM Edge Application Manager 4.5.1 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...

7.8CVSS6.9AI score0.01048EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:50 a.m.45 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2022-1996 DESCRIPTION: go-restful could allow a remote attacker to bypass security restrictions, caused by improper regular expression implementation in the CORS...

9.3CVSS9.6AI score0.02737EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:47 a.m.34 views

Security Bulletin: IBM Edge Application Manager is vulnerable to an Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') due to Node.js ejs

Summary IBM Edge Application Manager 4.5 addresses the vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2022-29078 DESCRIPTION: Node.js ejs module could allow a remote attacker to execute arbitrary code on the system, caused by a server-side template injection flaw in...

9.8CVSS9.7AI score0.32386EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:45 a.m.47 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities

Summary IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-23436 DESCRIPTION: Node.js immer module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw...

9.8CVSS8.4AI score0.0178EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:44 a.m.41 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of objec...

9.8CVSS9.8AI score0.03563EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:42 a.m.34 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2021-42740 DESCRIPTION: Node.js shell-quote module could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw with windows drive...

9.8CVSS9.7AI score0.0434EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:42 a.m.87 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities

Summary IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions,...

8.6CVSS9.4AI score0.27392EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 7:8 p.m.22 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the interpolateName function in...

7.5CVSS8AI score0.02029EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 7:7 p.m.49 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-31030 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...

5.5CVSS5.4AI score0.00377EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 7:5 p.m.23 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33587 DESCRIPTION: An unspecified error related to the failure to ensure that attribute parsing has Linear Time Complexity in Node.js css-what module has an unknown impact and attack...

7.5CVSS7.2AI score0.02267EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 7:4 p.m.30 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-7774 DESCRIPTION: Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, ...

9.8CVSS8.7AI score0.69062EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:59 p.m.33 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33502 DESCRIPTION: Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS regular expression denial of service flaw in the data URLs. By using a...

7.5CVSS8AI score0.01705EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:57 p.m.18 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-25851 DESCRIPTION: Node.js jpeg-js module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploi...

7.5CVSS7.3AI score0.01762EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:56 p.m.40 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw with the supplementary groups are not set up properly. By...

6.3CVSS8.2AI score0.02693EPSS
Exploits3Affected Software1
Rows per page
Query Builder