Lucene search
K

35 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 4:53 p.m.6 views

Security Bulletin: IBM Rational Developer for i is affected by a memory exhaustion loop (CVE-2024-4068)

Summary A package included in the Code Coverage functionality of IBM Rational Developer for i is vulnerable to malicious input causing a crash of the program due to memory exhaustion loop as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: The...

7.5CVSS6AI score0.01471EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/25 11:56 a.m.4 views

Security Bulletin: A vulnerabilities in NPM package `braces` affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerabilities in NPM package braces affect IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4.8 and 5.0 and earlier. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could...

7.5CVSS5.8AI score0.01471EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2025/11/13 11:28 p.m.14 views

DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-4068

This High severity vulnerability known as CVE-2024-4068 was introduced in 3.0.2, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.8AI score0.01471EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/27 12:7 p.m.4 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses braces-3.0.2.tgz which is vulnerable to CVE-2024-4068

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses braces-3.0.2.tgz which is vulnerable to CVE-2024-4068. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: The NPM package braces,...

7.5CVSS6.4AI score0.01471EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:23 p.m.5 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to a denial of service via Node.js braces module (CVE-2024-4068)

Summary Node.js braces module is used by IBM Storage Fusion Data Foundation as part of CVE-2024-4068 which may lead denial of services. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. Vulnerability Details CVEID:CVE-2024-4068...

7.5CVSS6.6AI score0.01471EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2025-7d7b644265)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01471EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2025-0951177024)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01471EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:24 a.m.27 views

Security Bulletin: IBM Fusion HCI and IBM Fusion are vulnerable to denial of service due to Node.js, isaacs node-tar, ShowdownJS

Summary IBM Fusion HCI and IBM Fusion's graphical user interface are vulnerable to a denial of service due to Node.js, isaacs node-tar, and ShowdownJS. CVE-2024-4068, CVE-2024-28863, CVE-2024-1899. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a...

7.5CVSS6.8AI score0.01471EPSS
Exploits3Affected Software3
OpenVAS
OpenVAS
added 2025/03/31 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2025-9a278a7768)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01471EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.16 views

Fedora 41 : nodejs-nodemon (2025-0951177024)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0951177024 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS6.9AI score0.01471EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.13 views

Fedora 40 : nodejs-nodemon (2025-9a278a7768)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9a278a7768 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS6.9AI score0.01471EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-4068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, ...

7.5CVSS6.8AI score0.01471EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to braces-3.0.2.tgz CVE-2024-4068

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to braces-3.0.2.tgz CVE-2024-4068. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a denial of service,...

7.5CVSS6.4AI score0.01471EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.24 views

Security Bulletin: Maximo Application Suite - braces-3.0.2.tgz package is vulnerable to CVE-2024-4068 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses braces-3.0.2.tgz package which is vulnerable to CVE-2024-4068. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a...

7.5CVSS6.4AI score0.01471EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.15 views

SUSE SLED15: pgadmin4 / pgadmin4-cloud / pgadmin4-desktop / pgadmin4-doc / etc (SUSE-SU-2024:3771-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3771-1 advisory. - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed...

10CVSS7AI score0.09685EPSS
Exploits9References29
OpenVAS
OpenVAS
added 2024/10/30 12:0 a.m.31 views

openSUSE Security Advisory (SUSE-SU-2024:3771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.09685EPSS
Exploits9References13
OSV
OSV
added 2024/10/29 12:55 p.m.33 views

SUSE-SU-2024:3771-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 - CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configur...

10CVSS6.5AI score0.09685EPSS
Exploits9References21
RedHat Linux
RedHat Linux
added 2024/10/14 6:7 p.m.29 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.17673EPSS
Exploits4References19
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.36 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.7AI score0.17673EPSS
Exploits5References20
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.40 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.7AI score0.17673EPSS
Exploits5References20
Rows per page
Query Builder