Lucene search
K

69 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System [CVE-2024-6119]

Summary Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server...

7.5CVSS6.7AI score0.66594EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : openssl-3.0.7-28.el9_4.ML.1 (AXSA:2024-8829:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8829:06 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the MiracleLinux...

7.5CVSS7.5AI score0.66594EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/08 2:27 p.m.4 views

Security Bulletin: IBM QRadar App SDK for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. This product is only used by IBM QRadar SIEM app developers and external business partners and is not relevant for users o...

7.5CVSS6.9AI score0.66594EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/21 1:51 p.m.4 views

Security Bulletin: Vulnerabilities exists in IBM Netezza Performance Server

Summary Vulnerabilities exist in IBM Netezza Performance Server are addressed in 11.2.3.3 Vulnerability Details CVEID:CVE-2024-43591 DESCRIPTION: Azure Command Line Integration CLI Elevation of Privilege Vulnerability CWE:CWE-77: Improper Neutralization of Special Elements used in a Command...

9.1CVSS7.3AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/21 8:35 a.m.9 views

Security Bulletin: Vulnerabilities in Jinja , cryptography & OpenSSL can affect IBM Storage Protect Plus File Systems Agent Backup and Restore

Summary IBM Storage Protect Plus File Systems Agent Backup and Restore can be affected by vulnerabilities in Jinja & cryptography which includes execution of untrusted templates, man-in-middle attacks & a denial of service, as described by the CVEs in the "Vulnerability Details" section. These...

8.8CVSS7.9AI score0.66594EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/06/04 12:0 a.m.8 views

SUSE: Security Advisory (SUSE-SU-2024:3106-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.66594EPSS
Exploits0References19
SUSE Linux
SUSE Linux
added 2025/05/08 1:17 p.m.4 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: FIPS: Deny SHA-1 signature verification in FIPS provider bsc1221365. FIPS: RSA keygen PCT requirements. FIPS: Check that the fips provider is available before...

8.2CVSS7.3AI score0.66594EPSS
Exploits0References34
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/06 5:23 p.m.19 views

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a Denial of Service (CVE-2024-6119) due to the use of OpenSSL

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service due to the use of OpenSSL CVE-2024-6119. OpenSSL is used in TS7700 to encrypt data in flight during EKM communications, Secure Data Transfer between clusters, and for TS7700 Advanced Object Store for DS8000...

7.5CVSS7.1AI score0.66594EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/30 10:37 a.m.22 views

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 1.1.0 Vulnerability Details CVEID:CVE-2024-55909 DESCRIPTION: IBM Concert Software could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource...

8.8CVSS8.2AI score0.66594EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/04/11 5:10 p.m.6 views

CLSA-2024-1729546540 openssl: Fix of CVE-2024-6119

CVE-2024-6119: avoid type errors in EAI-related name check logic...

7.5CVSS6.9AI score0.66594EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/11 5:18 p.m.8 views

Security Bulletin: Vulnerability inOpenSSL affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability inOpenSSL has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.. The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

7.5CVSS6.9AI score0.66594EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-6119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address...

7.5CVSS6.5AI score0.66594EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/10 12:58 p.m.13 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.7-cp37-abi3-manylinux_2_28_x86_64.whl CVE-2024-6119

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.7-cp37-abi3-manylinux228x8664.whl CVE-2024-6119. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a...

7.5CVSS7.5AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 8:50 p.m.14 views

Security Bulletin: Vulnerability in OpenSSL affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential denial of service vulnerability in OpenSSL has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is...

7.5CVSS7.7AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 8:47 p.m.14 views

Security Bulletin: Vulnerability in OpenSSL affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in OpenSSL has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denia...

7.5CVSS7.7AI score0.66594EPSS
Exploits0Affected Software1
SUSE Linux
SUSE Linux
added 2025/02/03 8:48 a.m.11 views

Security update for openssl-3, libpulp, ulp-macros

This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: - CVE-2024-6119: possible denial of service in X.509 name checks bsc1229465 - CVE-2024-5535: SSLselectnextproto buffer overread bsc1227138 - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers bsc1225551...

8.2CVSS7.5AI score0.66594EPSS
Exploits1References64
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 9:27 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in OpenSSL [CVE-2024-6119]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in OpenSSL, caused by an error when performing certificate name checks CVE-2024-6119. OpenSSL is used by our Speech Service runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation...

7.5CVSS6.7AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to this CVE-2024-6119

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component component uses cryptography-43.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to this CVE-2024-6119. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS6.5AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.4-cp37-abi3-manylinux_2_28_x86_64.whl CVE-2024-6119

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-42.0.4-cp37-abi3-manylinux228x8664.whl CVE-2024-6119. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a...

7.5CVSS6.7AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.25 views

Security Bulletin: IBM Maximo Application Suite uses serve-static-1.15.0.tgz, send-0.18.0.tgz and cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-43800 CVE-2024-43799 CVE-2024-6119.

Summary IBM Maximo Application Suite uses serve-static-1.15.0.tgz, send-0.18.0.tgz and cryptography-43.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-43800, CVE-2024-43799 and CVE-2024-6119. This bulletin contains information regarding the vulnerability and its fixture...

7.5CVSS8.1AI score0.66594EPSS
Exploits0Affected Software1
Rows per page
Query Builder