36 matches found

IBM Security Bulletins
added 2026/06/22 5:25 p.m., 3 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc

Summary SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-3505 DESCRIPTION: Allocation of resources without limits o...

8.7 CVSS, 5.7 AI score, 0.00758 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/06/17 3:51 p.m., 8 views

Security Bulletin: Vulnerability in edk2 affects IBM Netezza Appliance

Summary The edk2 package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigge...

7.5 CVSS, 6.7 AI score, 0.01744 EPSS
Exploits: 0, Affected Software: 1

UbuntuCve
added 2026/02/25 8:21 p.m., 7 views

CVE-2025-3525

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have, under certain circumstances, allowed an authenticated user with certain access to cause Denial of Service by creating specially crafted CI...

6.5 CVSS, 5.9 AI score, 0.00308 EPSS
Exploits: 0, References: 4

IBM Security Bulletins
added 2026/02/03 6:2 a.m., 12 views

Security Bulletin: Vulnerability in openssh (CVE-2025-26465) affects Power HMC.

Summary The openssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-26465 DESCRIPTION: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be...

6.8 CVSS, 5.3 AI score, 0.06997 EPSS
Exploits: 4, Affected Software: 1

IBM Security Bulletins
added 2026/01/30 5:50 a.m., 11 views

Security Bulletin: IBM Edge Data Collector uses jws-3.2.2.tgz which are vulnerable to CVE-2025-65945.

Summary IBM Edge Data Collector uses jws-3.2.2.tgz which are vulnerable to CVE-2025-65945. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In...

7.5 CVSS, 5.8 AI score, 0.002 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2026/01/05 9:37 a.m., 9 views

Security Bulletin: IBM Maximo Application Suite - Predict Component uses IBM WebSphere Application Server Liberty 25.0.0.8 which is vulnerable to CVE-2025-36000, CVE-2020-36732 and CVE-2025-36124

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses IBM WebSphere Application Server Liberty 25.0.0.8 which is vulnerable to CVE-2025-36000, CVE-2020-36732 and CVE-2025-36124. This bulletin contains information regarding the vulnerability and its fixture. Vulnerabilit...

7.5 CVSS, 6.5 AI score, 0.01075 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/11/19 8:45 a.m., 5 views

Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32415) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer...

7.5 CVSS, 6.8 AI score, 0.00527 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/09/19 5:33 p.m., 8 views

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2024-56339, CVE-2025-36047, CVE-2025-36124, CVE-2025-36000, CVE-2025-36097, CVE-2025-48976)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2024-56339,CVE-2025-36047, CVE-2025-36124, CVE-2025-36000, CVE-2025-36097, CVE-2025-48976. This has been addressed in the remediation section. Vulnerability Details...

7.5 CVSS, 6.8 AI score, 0.63258 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/09/04 9:5 a.m., 5 views

Security Bulletin: The IBM Engineering Test Management product using WebSphere Application Server traditional is affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976)

Summary There is a vulnerability in Apache Commons FileUpload which affects IBM WebSphere Application Server traditional and affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. It has been addressed in this...

7.5 CVSS, 7.5 AI score, 0.63258 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/07/07 5:41 a.m., 17 views

Security Bulletin: Vulnerabilities in libxml2 library (CVE-2024-56171, CVE-2025-24928) affect Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-56171 DESCRIPTION: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and...

9.8 CVSS, 8 AI score, 0.0113 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/06/18 4:1 p.m., 5 views

Security Bulletin: The Mailbox User Interface of IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable to XSS (CVE-2024-54183)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway has addressed XSS in the mailbox user interface Vulnerability Details CVEID:CVE-2024-54183 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway is vulnerable to cross-site scripting. This vulnerability allows an...

5.4 CVSS, 5.2 AI score, 0.0017 EPSS
Exploits: 0, Affected Software: 1

Exploit DB
added 2025/06/15 12:0 a.m., 359 views

Parrot and DJI variants Drone OSes - Kernel Panic Exploit

!/usr/bin/env python3 Exploit Title: Parrot and DJI variants Drone OSes - Kernel Panic Exploit Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-10 Tested on: Parrot QRD, Parrot Alpha-M, DJI QRD, DJI Alpha-M CVE: CVE-2025-37928 Type:...

7.8 CVSS, 7.2 AI score, 0.00618 EPSS
Exploits: 1

IBM Security Bulletins
added 2025/06/13 4:17 p.m., 6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Golang crypto/internal/nistec [CVE-2025-22866]

Summary IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in the Golang crypto/internal/nistec package, due to the usage of a variable time instruction in the assembly implementation of an internal function, which may allow a small number of bits of secret...

4 CVSS, 4.8 AI score, 0.00272 EPSS
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/05/28 3:19 p.m., 11 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL

Summary SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions,...

9.8 CVSS, 6.9 AI score, 0.02836 EPSS
Exploits: 0, Affected Software: 1

RedhatCVE
added 2025/05/22 10:57 p.m., 4 views

CVE-2022-32553

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9 CVSS, 7.3 AI score, 0.01047 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 10:55 p.m., 7 views

CVE-2022-32552

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9 CVSS, 7.3 AI score, 0.01047 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 10:25 p.m., 5 views

CVE-2022-32554

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

10 CVSS, 7.9 AI score, 0.01176 EPSS
Exploits: 0, References: 1

IBM Security Bulletins
added 2025/05/08 3:24 p.m., 20 views

Security Bulletin: IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970.

Summary IBM Asset Data Dictionary uses netty-handler-4.1.108.Final.jar which is vulnerable to CVE-2025-24970. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

7.5 CVSS, 6.9 AI score, 0.01966 EPSS
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/05/01 9:23 p.m., 7 views

Security Bulletin: IBM Watson Speech Services Cartridge v5.1.2 is vulnerable to a Base OS issue in LibYAML (CVE-2024-35325)

Summary IBM Watson Speech Services Cartridge v5.1.2 is vulnerable to a Base OS issue in LibYAML, caused by a double-free in the function yaml_event_delete of the file /src/libyaml/src/api.c CVE-2024-35325. We have updated the base image used by our Speech Services and the following vulnerability h...

9.5 AI score
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/05/01 7:49 p.m., 13 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a security information disclosure in VMware Tanzu Spring [CVE-2024-38819]

Summary IBM Watson Speech Services Cartridge is vulnerable to a security information disclosure in VMware Tanzu Spring, due to path traversal exposures through the functional web framework: WebMvc.fn or WebFlux.fn CVE-2024-38819. VMware Tanzu Spring is used in our Speech microservices. This...

7.5 CVSS, 6.3 AI score, 0.54862 EPSS
Exploits: 6, Affected Software: 1