Lucene search
+L

419 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-53170

Malicious code in bioql PyPI...

8.8CVSS7AI score0.00462EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-35816

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00421EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-27472

Malicious code in bioql PyPI...

4CVSS4.7AI score0.00194EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-43526

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00315EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-53169

Malicious code in bioql PyPI...

9.1CVSS6AI score0.0115EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-53168

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00421EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-53167

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00359EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/03 5:39 p.m.6 views

Security Bulletin: IBM DataPower Gateway affected by issues in Java Runtime

Summary IBM DataPower Gateway does not itself use Java, but certain bundled integrations do e.g. JDBC, IMS Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiali...

7.5CVSS7.4AI score0.00784EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/11 11:58 a.m.13 views

Security Bulletin: IBM DataPower Gateway affected by timing side-channel in OpenSSL (CVE-2024-13176)

Summary IBM DataPower Gateway uses OpenSSL for most cryptographic operations. Vulnerability Details CVEID:CVE-2024-13176 DESCRIPTION: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing...

4.1CVSS8.9AI score0.00601EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/11 11:55 a.m.16 views

Security Bulletin: IBM DataPower Gateway vulnerable to multiple CVEs in zlib

Summary IBM DataPower Gateway uses ZLib in reading and writing configuration exports and for handling compressed traffic Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

9.8CVSS7.9AI score0.52063EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/10 9:6 p.m.15 views

Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in OS kernel

Summary The following CVEs in the OS kernel may affect IBM DataPower Gateway Vulnerability Details CVEID:CVE-2023-52458 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add...

7.8CVSS9.4AI score0.00301EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 11:27 p.m.15 views

CVE-2022-40228

IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 through 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235527...

5.4CVSS6.4AI score0.00315EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/06 1:49 p.m.20 views

Security Bulletin: IBM DataPower Gateway vulnerable to DoS

Summary This issue may result in a memory leak. Vulnerability Details CVEID:CVE-2024-26935 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to unremoved procfs host directory regression. A local authenticated attacker could exploit this vulnerability to...

5.5CVSS6.5AI score0.00242EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:23 a.m.32 views

Security Bulletin: IBM DataPower Gateway does not force a Gateway Peering password change

Summary The DataPower UI does not notify customers of any gateway-peering instance that uses the system default password. The UI will now warn if the password is not changed. Vulnerability Details CVEID:CVE-2022-31776 DESCRIPTION: IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through...

8.8CVSS8.7AI score0.00462EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:15 a.m.29 views

Security Bulletin: IBM DataPower Gateway may permit admin users to view and edit files that are not allowed to be read via RBM access rights (CVE-2022-22326)

Summary IBM has addressed the CVE Vulnerability Details CVEID:CVE-2022-22326 DESCRIPTION: IBM MQ Appliance could allow unauthorized viewing of logs and files due to insufficient authorisation checks. CVSS Base score: 4 CVSS Temporal Score: See:...

4CVSS3.6AI score0.00194EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/03 7:21 p.m.21 views

Security Bulletin: IBM DataPower Gateway vulnerable to denial of service and remote code execution through use of Redis

Summary IBM DataPower Gateway uses Redis internally for gateway peering. Vulnerability Details CVEID:CVE-2024-46981 DESCRIPTION: Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and...

9.8CVSS7.5AI score0.07934EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/02 8:11 p.m.9 views

Security Bulletin: IBM DataPower Gateway vulnerable to denial of service due to rustls

Summary Rustls is used in gateway peering Vulnerability Details CVEID:CVE-2024-11738 DESCRIPTION: A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CWE:CWE-248: Uncaught Exception CVSS Source:...

7.5CVSS6.6AI score0.00707EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/02 8:10 p.m.21 views

Security Bulletin: IBM DataPower Gateway vulnerable to naming confusion (CVE-2024-12224)

Summary idna is used in the GitOps feature. Vulnerability Details CVEID:CVE-2024-12224 DESCRIPTION: idna 0.5.0 and earlier accepts Punycode labels that do not produce any non-ASCII output, which means that either ASCII labels or the empty root label can be masked such that they appear unequal...

8.8CVSS7AI score0.00201EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:42 a.m.46 views

Security Bulletin: IBM DataPower Gateway does not invalidate active sessions on a password change (CVE-2022-40228)

Summary If a user password is changed, IBM DataPower Gateway does not immediately invalidate existing active sessions that were created with the old password. This means that a session created using a compromised password could continue to operate after the password has been changed until the...

5.4CVSS5.2AI score0.00315EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/21 4:35 p.m.7 views

Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service (CVE-2024-53088)

Summary IBM DataPower Gateway uses the ethernet driver on hardware platforms. Vulnerability Details CVEID:CVE-2024-53088 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the...

5.5CVSS7.2AI score0.00199EPSS
Exploits0Affected Software1
Rows per page
Query Builder