Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9.

Summary IBM DB2 is shipped with IBM License Metric Tool. Information about security vulnerabilities affecting IBM DB2 has been published in separate security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than...

Security Bulletin: A vulnerability in zlib affects IBM License Metric Tool v9 scanner (CIT)

Summary There is a vulnerability in the zlib component used by IBM License Metric Tool v9 scanner CIT Vulnerability Details CVEID:CVE-2026-27171 DESCRIPTION: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that ha...

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate...

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affects IBM License Metric Tool

Summary There is a vulnerability in the WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by...

CVE-2023-43044

IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 266893...

EUVD-2014-8754

Malware in sbrugna...

EUVD-2014-8753

Malware in sbrugna...

EUVD-2014-4695

Malware in sbrugna...

EUVD-2014-4693

Malware in sbrugna...

EUVD-2014-4697

Malware in sbrugna...

EUVD-2014-8751

Malware in sbrugna...

EUVD-2025-31574

Malicious code in bioql PyPI...

EUVD-2023-47465

Malicious code in bioql PyPI...

EUVD-2025-31577

Malicious code in bioql PyPI...

CVE-2025-36352

IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

CVE-2025-36352

IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

CVE-2025-36351

IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...

CVE-2025-36351

IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...

CVE-2025-36351 IBM License Metric Tool bypass security

IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...