CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

179 matches found

IBM Security Bulletins•added 2025/02/11 4:23 p.m.•18 views

Security Bulletin: InfoSphere Data Replication is affected by Snappy-Java vulnerabilities

Summary InfoSphere Data Replication uses Snappy-Java. This bulletin identifies the steps to take to address the vulnerability in that package. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle...

7.5CVSS7.8AI score0.01503EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2024/06/28 12:48 p.m.•26 views

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact,...

5.9CVSS5.7AI score0.00098EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:47 p.m.•23 views

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. CVSS Base score: 3.7...

3.7CVSS4.8AI score0.00141EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:46 p.m.•31 views

Security Bulletin: A vulnerability in github.com/containerd/containerd-v1.6.17 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the github.com/containerd/containerd-v1.6.17 package has been addressed. Vulnerability Details CVEID:CVE-2023-25173 DESCRIPTION: containerd could allow a local authenticated attacker to bypass security restrictions, caused by improper setup for supplementary groups insi...

7.8CVSS6.6AI score0.00244EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/06/28 12:46 p.m.•26 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2021-33503 DESCRIPTION: urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw due to catastrophic backtracking. By sending a specially-crafted URL...

7.5CVSS7.5AI score0.00863EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:45 p.m.•24 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details CVEID:CVE-2023-24532 DESCRIPTION: An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go has an unknown impact and attack vector. CVSS Base...

5.3CVSS7.1AI score0.00026EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:45 p.m.•23 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote...

7.5CVSS8.4AI score0.0002EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:44 p.m.•25 views

Security Bulletin: A vulnerability in setuptools affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the setuptools package has been addressed. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote attack...

5.9CVSS6.8AI score0.00513EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/06/28 12:43 p.m.•31 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP response...

6.1CVSS6.8AI score0.00609EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/06/28 12:42 p.m.•20 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-31030 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...

5.5CVSS5.7AI score0.00158EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:42 p.m.•22 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-23471 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request, a remote authenticated attacker could...

6.5CVSS6.2AI score0.00259EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:41 p.m.•32 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package Go has been addressed. Vulnerability Details CVEID:CVE-2022-41725 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when perform multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted request, a...

7.5CVSS8.4AI score0.00065EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/28 12:40 p.m.•18 views

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerbility (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw wit...

7.1CVSS6AI score0.00065EPSS

Exploits0Affected Software1

Wallarm Lab•added 2024/01/09 2:3 p.m.•16 views

What Is Cloud Data Protection?

A Deep Dive into the Cosmic Universe of Information Safeguarding: An Exhaustive Examination of Distributed Data Security As the virtual dominions continue to propagate at a phenomenal pace, the totality of data we generate daily scales new zeniths. We see ourselves increasingly relying on 'online...

6.6AI score

Exploits0

IBM Security Bulletins•added 2023/12/08 2:31 p.m.•16 views

Security Bulletin: A vulnerability in cryptography-3.3.2-cp36-abi3-manylinux2010_x86_64.whl affects Data Replication on Cloud Pak for Data

Summary A vulnerability in cryptography-3.3.2-cp36-abi3-manylinux2010x8664.whl has been addressed. Vulnerability Details CVEID:CVE-2023-0286 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a type confusion error related to X.400 address processing inside an X.509 GeneralName...

7.4CVSS7.5AI score0.88334EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/12/08 2:29 p.m.•28 views

Security Bulletin: A vulnerability in github.com/golang/text/language-v0.3.0 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package github.com/golang/text/language-v0.3.0 has been addressed. Vulnerability Details CVEID:CVE-2022-32149 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation by the golang.org/x/text/language package. By sending a...

7.5CVSS7.5AI score0.00054EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/11/08 12:47 p.m.•21 views

Security Bulletin: Data Replication on Cloud Pak for Data vulnerabile to Apache James MIME4J vulnerability

Summary A vulnerability in Apache James MIME4J is addressed. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

5.5CVSS5.9AI score0.00009EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/11/08 12:42 p.m.•23 views

Security Bulletin: A systemd vulnerability affects Data Replication on Cloud Pak for Data (CVE-2022-4415)

Summary This bulletin covers a vulnerability finding in the systemd package used with this product. Vulnerability Details CVEID:CVE-2022-4415 DESCRIPTION: systemd could allow a local authenticated attacker to obtain sensitive information, caused by not respecting fs.suiddumpable kernel setting in...

5.5CVSS5.3AI score0.00033EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/11/08 12:37 p.m.•33 views

Security Bulletin: A vulnerability in Node.js http-cache-semantics package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in Node.js http-cache-semantics package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of...

7.5CVSS6.8AI score0.00175EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/11/07 9:50 p.m.•36 views

Security Bulletin: Multiple vulnerabilities in jsonwebtoken package affects Data Replication on Cloud Pak for Data

Summary Multiple vulnerabilities in jsonwebtoken package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2022-23541 DESCRIPTION: Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure...

8.1CVSS7.2AI score0.00082EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by