Security Bulletin: Security vulnerability has been identified in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2026-9330 DESCRIPTION:...

CVE-2026-4919

IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2026-8405

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

CVE-2026-8405

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

CVE-2026-8405

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

CVE-2026-4918

IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2026-1726

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers could access sensitive data, modify system configurations, or change permissions for other users. T...

IBM Guardium Key Lifecycle Manager 安全漏洞

IBM Guardium Key Lifecycle Manager is a key management system provided by IBM that offers capabilities for generating, distributing, and managing encrypted keys. There is a security vulnerability in IBM Guardium Key Lifecycle Manager, which stems from improper permission management. This...

CVE-2026-1726

CVE-2026-1726 affects IBM Guardium Key Lifecycle Manager (GKLM) versions 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1. The IBM security bulletin lists this CVE under CWE-269: Improper Privilege Management, with a IBM CVSS base score of 6.4 (vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N). The conne...

CVE-2026-4919

IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2026-4919 IBM Guardium Data Protection is affected by multiple vulnerabilities

IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Security Bulletin: IBM Guardium Data Protection is affected by a spring-security-config-5.8.14.jar vulnerability (CVE-2024-38827)

Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2024-38827 DESCRIPTION: The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working...

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary IBM Db2 is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malforme...

CVE-2023-25922

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621...

CVE-2023-25924

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. IBM X-Force ID: 247630...

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-31650 DESCRIPTION: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up ...

EUVD-2021-25460

Malware in sbrugna...

EUVD-2021-25462

Malware in sbrugna...