Lucene search
K

1007 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 9:52 a.m.6 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Businsess Automation Workflow (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171,CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

9.3CVSS5.8AI score0.00474EPSS
Exploits0Affected Software2
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-13449

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

9.1CVSS0.00406EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 7:32 p.m.35 views

CVE-2026-13449 XXE attack in IBM Business Automation Manager Open Editions

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

7.6CVSS0.00406EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 10:4 a.m.3 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-13449 DESCRIPTION: IBM Business Automation Manager Open Editions is vulnerable t...

9.1CVSS5.8AI score0.00406EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 10:2 a.m.5 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...

8.7CVSS6.8AI score0.01125EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.14 views

PT-2026-53970

Name of the Vulnerable Software and Affected Versions IBM Business Automation Manager Open Editions versions 9.0.0 through 9.4.2 Description An XML external entity injection XXE occurs when processing XML data. This allows a remote attacker to expose sensitive information or consume memory...

9.1CVSS6AI score0.00406EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 1:12 p.m.4 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383, CVE-2026-11541, CVE-2026-11536)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

9.8CVSS6.3AI score0.00418EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 10:11 a.m.6 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18.0 shipped with IBM Cloud Pak for Business Automation iFixes for June 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation June 2026 security fixes update this dependency beyond 4.18.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a CL...

9.8CVSS8.4AI score0.01945EPSS
Exploits4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 8:12 p.m.5 views

Security Bulletin: Multiple Security vulnerabilities have been identified in IBM WebSphere Application Server traditional, WebSphere Liberty profile, IBM HTTP Server its WebSphere plugins shipped with IBM Business Automation Workflow

Summary WebSphere Application Server traditional and WebSphere Application Server Liberty profile are shipped as a component of IBM Business Automation Workflow. Optional IBM HTTP Server and relating WebSphere plugins are included with WebSphere. Information about security vulnerabilities affecti...

9.8CVSS5.5AI score0.00409EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-1248

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

4.3CVSS5.4AI score0.00219EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 4:53 p.m.31 views

Security Bulletin: Vulnerability in jackson-core-2.15.2.jar

Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 7:0 p.m.15 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow

Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...

5.8AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 6:34 p.m.17 views

Security Bulletin: Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2026-9311, CVE-2026-9330, CVE-2026-9319, CVE-2026-8644)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in security bulletins. Vulnerability Details Refer to the security bulletins...

9.1CVSS6.5AI score0.00508EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 10:46 a.m.18 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for May 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF005. These vulnerabilities have been also adressed in 24.0.0-IF007, 24.0.1-IF007 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a...

7.6CVSS6.9AI score0.01525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 4:43 p.m.12 views

Security Bulletin: Multiple security vulnerabilities addressed with IBM Business Automation Workflow cumulative fixes May 2026

Summary In addition to updating many operating system level packages, the following security vulnerabilities are addressed with IBM Business Automation Workflow cumulative fixes. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and...

9.8CVSS7.3AI score0.87218EPSS
Exploits12Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 9:55 p.m.11 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.6.21 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.6.21 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a C...

9.8CVSS7.9AI score0.47621EPSS
Exploits8Affected Software2
NVD
NVD
added 2026/05/27 3:16 p.m.14 views

CVE-2026-1248

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

4.3CVSS0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 2:20 p.m.12 views

EUVD-2026-32521

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

4.3CVSS5.8AI score0.00219EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 2:20 p.m.12 views

CVE-2026-1248

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

5.8AI score0.00219EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43995

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

5.8AI score0.00219EPSS
Exploits0References2
Rows per page
Query Builder