Lucene search
+L

43 matches found

IBM Security Bulletins
IBM Security Bulletins
added 6 days ago6 views

Security Bulletin: Vulnerability in undici bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the undici library, which is affected by a denial of service vulnerability. CVE-2026-22036 Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0,...

7.5CVSS6.7AI score0.00433EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 4:12 p.m.7 views

Security Bulletin: Vulnerability in github.com/jackc/pgx/v5 bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Content-Aware Storage include github.com/jackc/pgx/v5. It is vulnerable to memory-safety vulnerability. CVE-2026-33816 Vulnerability Details CVEID:CVE-2026-33816 DESCRIPTION: Memory-safety vulnerability in github.com/jackc/pgx/v5. CVSS Source: CISA A...

9.8CVSS5.8AI score0.00561EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 4:10 p.m.17 views

Security Bulletin: Multiple Vulnerabilities in bcprov package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include bcprov library, which is susceptible to use of broken cryptographic algorithm, Improper neutralization, covert timing channel vulnerabilities CVE-2025-14813, CVE-2026-0636, CVE-2026-5598...

9.9CVSS6.7AI score0.00691EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 9:10 a.m.6 views

Security Bulletin: Multiple Vulnerabilities in cryptography bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include the cryptography library, which is vulnerable to a critical buffer overflow and an improper certificate validation flaw. A classic buffer overflow vulnerability exists when non-contiguous...

9.8CVSS6.6AI score0.00652EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 1:55 p.m.6 views

Security Bulletin: Multiple Vulnerabilities in NLTK bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the Natural Language Toolkit NLTK library, which is susceptible to several critical security vulnerabilities. These flaws could allow a remote attacker to execute arbitrary code, perform arbitrary file reads via path...

10CVSS6.8AI score0.00924EPSS
Exploits9Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 11:57 a.m.8 views

Security Bulletin: Vulnerability in gRPC-Go bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the gRPC-Go library, which is vulnerable to an authorization bypass. This issue is caused by improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server incorrectly accepted requests where the...

9.1CVSS5.6AI score0.01557EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/18 10:20 p.m.10 views

Security Bulletin: Vulnerability in qs bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Data Cataloging include the qs library, which is vulnerable to a Denial of Service DoS due to improper input validation. The arrayLimit option in the library failed to enforce limits specifically for bracket notation a=1, allowing the creation of...

6.3CVSS6.8AI score0.0041EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/18 10:19 p.m.14 views

Security Bulletin: Multiple Vulnerabilities in pyOpenSSL bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the pyOpenSSL library, which is susceptible to a critical buffer overflow and a "fail-open" security bypass. A classic buffer overflow vulnerability exists when a user-provided cookie generation callback returns a value...

9.8CVSS6.5AI score0.00704EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:58 a.m.14 views

Security Bulletin: Vulnerability in pypdf bundled with IBM Fusion, IBM Fusion HCI and Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage include pypdf which could cause infinite loop vulnerability. CVE-2026-24688. Vulnerability Details CVEID:CVE-2026-24688 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop...

5.1CVSS5.7AI score0.00388EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:55 a.m.18 views

Security Bulletin: Vulnerability in google.protobuf with IBM Fusion, IBM Fusion HCI and Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage includes google.protobuf, which could cause denial-of-service DoS vulnerability. CVE-2026-0994. Vulnerability Details CVEID:CVE-2026-0994 DESCRIPTION: A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict ...

8.2CVSS6.6AI score0.00613EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:51 a.m.19 views

Security Bulletin: Vulnerabilities in Hugging Face Transformers bundled with IBM Fusion, IBM Fusion HCI and Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage includes the Hugging Face Transformers library, which could allow a remote attacker to execute arbitrary code on affected installations. These vulnerabilities exist due to the lack of proper validation of user-supplied data during the...

7.8CVSS7.6AI score0.00315EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:46 a.m.21 views

Security Bulletin: Vulnerability in DiskCache with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage includes DiskCache python-diskcache. Following vulnerability can achieve arbitrary code execution. CVE-2025-69872. Vulnerability Details CVEID:CVE-2025-69872 DESCRIPTION: DiskCache python-diskcache through 5.6.3 uses Python...

9.8CVSS7.8AI score0.00521EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:4 a.m.11 views

Security Bulletin: Vulnerability in golang.org/x/crypto bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage include golang.org/x/crypto which could cause early termination of client process. CVE-2025-47913. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response...

7.5CVSS5.9AI score0.00632EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 12:34 p.m.6 views

Security Bulletin: Vulnerabilities in llama_index_core bundled with IBM Fusion, IBM Fusion HCI and Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage includes llamaindexcore which could allow Denial of Service DoS, steal proprietary models, poison cached embeddings, conduct symlink attacks. CVE-2025-5472, CVE-2024-12911, CVE-2024-12704, CVE-2025-5302, CVE-2025-7647. Vulnerability...

8.6CVSS7AI score0.00761EPSS
Exploits3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/19 8:44 p.m.14 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion

Summary Multiple vulnerabilities affecting IBM Fusion and IBM Fusion HCI could have resulted in reduced security. These issues have since been resolved. CVE-2025-7969, CVE-2025-66221, CVE-2025-65945, CVE-2025-6493, CVE-2025-64756, CVE-2025-64118, CVE-2025-62727, CVE-2025-59952, CVE-2025-5889,...

9.1CVSS6.1AI score0.1686EPSS
Exploits10Affected Software3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19876

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-28994

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/13 9:22 p.m.7 views

CVE-2025-36222

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

9.8CVSS6.9AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2025/09/11 9:15 p.m.7 views

CVE-2025-36222

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

9.8CVSS0.00351EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 9:15 p.m.5 views

CVE-2025-36222

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...

9.8CVSS5.8AI score0.00351EPSS
Exploits0References1
Rows per page
Query Builder