280 matches found
CVE-2026-14971
CVE-2026-14971 affects IBM PowerVM Novalink (NovaLink APIs) with misconfiguration that can increase attack surface and enable unintended/unauthorized operations under non-default conditions. Affected PowerVM Novalink versions include 2.2.0, 2.2.1, 2.2.1.1 and 2.3.0, 2.3.0.1, 2.3.1, 2.3.2. IBM rep...
CVE-2026-9171
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...
EUVD-2026-45250
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...
CVE-2026-9171 Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...
PT-2026-60837
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...
Security Bulletin: This PowerVM Novalink update is being released to address CVE-2026-14971
Summary A vulnerability on PowerVM Novalink could allow an unintended or unauthorized operations under non-default conditions. PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-14971 DESCRIPTION: IBM NovaLink APIs misconfiguration may increase attack surface...
Security Bulletin: Vulnerabilities in IBM WebSphere Application (CVE-2026-50645, CVE-2026-9322, CVE-2026-11541, CVE-2026-4410, CVE-2026-9320, CVE-2026-8646, CVE-2026-11806, CVE-2026-9071, CVE-2026-11546, CVE-2026-5516) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain when being deserialized by...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-14917) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2026-1561) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-14915) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14915 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is...
Security Bulletin: Vulnerability in IBM WebSphere Application ( CVE-2025-14923) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could...
Security Bulletin: This Power System update is being released to address CVE-2026-22796
Summary PowerVM relies on OpenSSL to support a range of features, such as virtual TPM, LPM, and other functionalities that require cryptographic operations. This bulletin provides a remediation for the impacted vulnerability, CVE-2026-22796 by upgrading PowerVM and thus addressing the exposure to...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-12635) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 ar...
Security Bulletin: Vulnerability in Iog4j (CVE-2025-68161) affects IBM PowerVM Novalink.
Summary log4j is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...
Security Bulletin: Vulnerability in Java SE (CVE-2024-29371) affects IBM PowerVM Novalink.
Summary Java SE is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-14914) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2024-29371) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS condition by crafting a malicious JSON Web...
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2026-29063) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototyp...
Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS
Summary Vulnerabilities in PostgreSQL could allow an attacker to cause a denial of service CVE-2025-4207, read sensitive data CVE-2025-8713, or inject arbitrary code CVE-2025-8714, CVE-2025-8715. PowerVM VIOS uses PostgreSQL as part of Shared Storage Pools SSP and for internal administration...
Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS
IBM SECURITY ADVISORY First Issued: Thu Apr 2 15:29:58 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/postgresadvisory.asc Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS...