Lucene search
K

273 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/01 7:51 a.m.14 views

Security Bulletin: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients (CVE-2024-47535) affects IBM PowerVM Novalink.

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients is used by IBM PowerVM Novalink. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on...

5.5CVSS6.8AI score0.00408EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/01 7:50 a.m.25 views

Security Bulletin: Vulnerabilities in Java SE (component: Hotspot: CVE-2024-10917, CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208) affect IBM PowerVM Novalink.

Summary Java SE component: Hotspot is used by IBM PowerVM Novalink. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete...

5.3CVSS5.7AI score0.01157EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/30 1:36 p.m.22 views

CVE-2025-0986

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS6.8AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 2:15 p.m.4 views

CVE-2025-0986

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.4CVSS5.8AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2025/03/28 2:15 p.m.9 views

CVE-2025-0986

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/28 1:21 p.m.12 views

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS6.7AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 1:21 p.m.47 views

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS0.0012EPSS
Exploits0References1
CVE
CVE
added 2025/03/28 1:21 p.m.66 views

CVE-2025-0986

CVE-2025-0986 affects IBM PowerVM Hypervisor FW1050.00–FW1050.30 and FW1060.00–FW1060.20. A local user, under certain Linux processor-compatibility mode configurations, can cause undetected data loss or errors when gzip is accelerated by hardware. IBM’s bulletin notes this is mitigated by upgradi...

4.5CVSS6.5AI score0.0012EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.4 views

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

4.5CVSS6.3AI score0.0012EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.6 views

PT-2025-13521 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW1050.00 through FW1050.30 IBM PowerVM Hypervisor versions FW1060.00 through FW1060.20 Description: The issue allows a local user, under certain Linux processor compatibility mode configurations, to cause...

4.5CVSS6.9AI score0.0012EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/27 9:33 p.m.8 views

Security Bulletin: This Power System update is being released to address CVE-2025-0986

Summary A Linux partition in Power10 processor compatibility mode can cause undetected data loss or error when performing gzip compression using hardware acceleration during a specific hardware state window. Vulnerability Details CVEID:CVE-2025-0986 DESCRIPTION: IBM PowerVM could allow a local...

4.5CVSS6.2AI score0.0012EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 1:38 a.m.40 views

Security Bulletin: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service (CVE-2022-35643)

Summary A vulnerability in IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service CVE-2022-35643. Vulnerability Details CVEID:CVE-2022-35643 DESCRIPTION: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or...

9.1CVSS9.1AI score0.01179EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 8:43 p.m.42 views

Security Bulletin: This Power System update is being released to address CVE-2024-41781

Summary An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore Vulnerability Details CVEID:CVE-2024-41781 DESCRIPTION: IBM PowerVM Platform KeyStore functionality can be compromised if an attacker gain...

5.9CVSS5AI score0.00343EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.27 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because an unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts.(CVE-2024-21147)

Summary IBM PowerVM Novalink is vulnerable because an unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java ...

7.4CVSS6.9AI score0.01257EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.20 views

Security Bulletin: This Power System update is being released to address CVE-2024-41007

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-41007, by upgrading PowerVM and thus addressing the exposure ...

3.3CVSS6.4AI score0.00229EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.11 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit. (CVE-2024-7254)

Summary IBM PowerVM Novalink is vulnerable because Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with...

8.7CVSS6.9AI score0.02772EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because GraphQL Java (aka graphql-java) is vulnerable to a denial of service, caused by the failure to properly consider ExecutableNormalizedFields. (CVE-2024-40094)

Summary IBM PowerVM Novalink is vulnerable because GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider ExecutableNormalizedFields ENFs as part of preventing denial of service. By using introspection queries, a remote attacker could exploi...

5.3CVSS7.1AI score0.00943EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/22 4:52 p.m.18 views

Security Bulletin: This Power System update is being released to address CVE-2022-0480 and CVE-2023-6531

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console and by the Runtime Processor Diagnostics in PowerVM. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2022-0480 an...

7CVSS7AI score0.00272EPSS
Exploits0
OSV
OSV
added 2024/11/22 12:15 p.m.7 views

CVE-2024-41781

IBM PowerVM Platform KeyStore IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the H...

5.9CVSS5.8AI score0.00343EPSS
Exploits0References1
NVD
NVD
added 2024/11/22 12:15 p.m.31 views

CVE-2024-41781

IBM PowerVM Platform KeyStore IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the H...

5.9CVSS0.00343EPSS
Exploits0References1
Rows per page
Query Builder