Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service due to Apache Commons FileUpload and vulnerable to CVE-2025-48976.

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service due to Apache Commons FileUpload and vulnerable to CVE-2025-48976. This bulletin contains information regarding the vulnerability and its fixture...

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to Apache Commons FileUpload (CVE-2025-48976)

Summary Vulnerability in Apache Commons FileUpload allows denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. Thi...

Security Bulletin: Apache commons-fileupload CVE-2025-48976 security vulnerability in FileNet Content Manager (FNCM) component Administration Console for Content Platform Engine (ACCE)

Summary Apache commons-fileupload CVE-2025-48976 security vulnerability in FileNet Content Manager FNCM component Administration Console for Content Platform Engine ACCE Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits...

TencentOS Server 4: tomcat (TSSA-2025:0623)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0623 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Mageia: Security Advisory (MGASA-2025-0296)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2025-0296 Updated apache-commons-fileupload packages fix security vulnerability

Apache Commons FileUpload: FileUpload DoS via part headers. CVE-2025-48976...

DoS (Denial of Service) Third-Party Dependency in Jira Service Management Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.10.0, 5.11.0, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.0, 11.0.0 and and 11.1.0 of Jira Service Management Data Center and Server. This...

Security Bulletin: WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload ( CVE-2025-48976)

Summary WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload CVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server. These are addressed. Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable ...

Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)

Summary Vulnerability with Werkzeug CVE-2024-34069, CVE-2023-46136 ,CVE-2024-49767, CVE-2024-49766 Twisted-22.10.0-py3 CVE-2024-41810, CVE-2023-46137, CVE-2024-41671, requests-2.32.2-py3 CVE-2024-47081, urllib3-2.2.2 CVE-2025-50182,CVE-2025-501810 commons-lang-2.6CVE-2025-48924,...

Security Bulletin: DoS vulnerability in Apache Commons FileUpload library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-48976)

Summary Apache Commons FileUpload library is used by Tivoli Netcool/OMNIbus WebGUI as part of Map Resources admin component. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

IBM MQ DoS (7248944)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7248944 advisory. - Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...

Security Bulletin: vulerability in IBM Spectrum Symphony with Apache Commons FileUpload

Summary vulerability in IBM Spectrum Symphony with Apache Commons FileUpload Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

AlmaLinux 10 : tomcat9 (ALSA-2025:14178)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14178 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

EUVD-2014-2632

Malware in sbrugna...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2025-606733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-606733 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...

Unity Linux 20.1060a / 20.1070a Security Update: tomcat (UTSA-2025-986129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986129 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons...