Lucene search
K

1025 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:0 a.m.38 views

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary IBM Sterling File Gateway has addressed the an information discloure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

5.3CVSS4.8AI score0.00779EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/18 11:38 a.m.15 views

Security Bulletin: Vulnerability in Apache Tomcat Server (CVE-2024-52318) affects Power HMC.

Summary The Apache Tomcat Server is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-52318 DESCRIPTION: Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31,...

6.1CVSS6.6AI score0.01676EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 8:52 p.m.14 views

Security Bulletin: IBM B2B Sterling Integrator is vunerable to Denial of Service attack due to Netty

Summary IBM B2B Sterling Integrator is affected by a Denial of Service vulnerability in Netty. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers &...

5.3CVSS6.4AI score0.0138EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 8:51 p.m.23 views

Security Bulletin: IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH

Summary IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity chec...

5.9CVSS6.8AI score0.93305EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 8:50 p.m.20 views

Security Bulletin: Vulnerability in OpenSSH affects IBM Integrated Analytics System [CVE-2023-48795]

Summary Redhat provided OpenSSH is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-48795 Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9...

5.9CVSS6.8AI score0.93305EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 8:56 p.m.29 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high...

7.5CVSS6.9AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 8:55 p.m.23 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest iFixes Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high...

7.5CVSS6.9AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 8:11 p.m.58 views

Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to Remote Code Execution

Summary IBM Sterling B2B Integrator has addressed the remote code execution vulnerabilty Vulnerability Details CVEID:CVE-2024-31903 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition allow an attacker on the local network to execute arbitrary code on the system, caused by the deserializati...

8.8CVSS7.9AI score0.00968EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 6:24 p.m.25 views

Security Bulletin: vulnerability in Netty affects IBM Workload Scheduler.

Summary IBM Workload Scheduler is affected by a vulnerability in Netty that can cause denial of service CVE-2024-29025 Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance...

5.3CVSS6.3AI score0.0138EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 10:57 p.m.30 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ affect Cloud Pak System

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition affect IBM Cloud Pak System . These issues were disclosed as part of the IBM Java SDK updates in January 2024. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...

7.5CVSS6.5AI score0.00918EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.20 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2024-5535]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-5535 Vulnerability Details CVEID:CVE-2024-5535 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a buffer over-read flaw in the...

9.1CVSS6.9AI score0.05582EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.40 views

Security Bulletin: This Power System update is being released to address CVE-2024-45656

Summary IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service privileges to the FSP. Vulnerability Details CVEID:CVE-2024-45656 DESCRIPTION: IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service...

9.8CVSS7AI score0.00434EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.30 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2024-9143]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-9143 Vulnerability Details CVEID:CVE-2024-9143 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused b...

4.3CVSS7.4AI score0.05966EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: Vulnerability in MIT Kerberos krb5 (CVE-2024-37371) affects Power HMC.

Summary The MIT Kerberos krb5 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-37371 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by an invalid memory reads during GSS message...

9.1CVSS6.6AI score0.01863EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.11 views

Security Bulletin: Vulnerability in linux affects IBM Integrated Analytics System [CVE-2024-50243]

Summary Redhat provided linux is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-50243 Vulnerability Details CVEID:CVE-2024-50243 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by general protection fault i...

5.5CVSS6.2AI score0.00218EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.98 views

Security Bulletin: Vulnerability in httpd (CVE-2024-27316) affects Power HMC

Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-27316 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the failure to check or limit the use of HTTP/2 CONTINUATION frames that...

7.5CVSS6.9AI score0.91327EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.63 views

Security Bulletin: Vulnerability in Apache HTTP Server (CVE-2024-38475) affects Power HMC.

Summary The Apache HTTP Server library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-38475 DESCRIPTION: Improper escaping of output in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs ...

9.1CVSS6.8AI score0.99957EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.31 views

Security Bulletin: Vulnerability in Apache HTTP Server (CVE-2024-39573) affects Power HMC.

Summary The Apache HTTP Server library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-39573 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by a flaw in the modrewrite. By sending a...

7.5CVSS6.2AI score0.35447EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.40 views

Security Bulletin: Vulnerability in Apache HTTP Server (CVE-2024-38474) affects Power HMC.

Summary The Apache HTTP Server library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-38474 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by a substitution...

9.8CVSS7.5AI score0.02456EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.24 views

Security Bulletin: Vulnerability in MIT Kerberos krb5 (CVE-2024-37370) affects Power HMC.

Summary The MIT Kerberos krb5 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-37370 DESCRIPTION: MIT Kerberos 5 aka krb5 could allow a remote attacker to bypass security restrictions, caused by improper access...

7.5CVSS6.6AI score0.00748EPSS
Exploits0Affected Software1
Rows per page
Query Builder