Lucene search
K

36 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/23 10:33 a.m.47 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to OpenSSL

Summary Vulnerabilities in OpenSSL such as denial of service, may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error related to the improper handling of specific PEM data by the PEMreadbio...

7.5CVSS6.9AI score0.20444EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 6:30 p.m.23 views

Security Bulletin: IBM Storage Protect Server is vulnerable to denial of service due to Java SE (CVE-2022-21426)

Summary Java SE is used by the IBM Storage Protect Server and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service...

5.3CVSS5.9AI score0.03203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 5:31 p.m.78 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Summary The following security issues have been identified in the WebSphere Application Server and IHS server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2019-4670 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a...

9.8CVSS8.7AI score0.33937EPSS
Exploits1Affected Software1
IBM AIX
IBM AIX
added 2022/09/12 3:7 p.m.41 views

AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824)

IBM SECURITY ADVISORY First Issued: Mon Sep 12 15:07:01 CDT 2022 |Updated: Mon Dec 12 12:49:47 CST 2022 |Update: Added iFixes for AIX 7.2 TL5 SP5 and VIOS 3.1.4.10. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/libxml2advisory3.asc...

6.5CVSS7AI score0.0363EPSS
Exploits5
IBM AIX
IBM AIX
added 2022/07/28 1:39 p.m.184 views

IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service

IBM SECURITY ADVISORY First Issued: Thu Jul 28 13:39:29 CDT 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/viosadvisory.asc https://aix.software.ibm.com/aix/efixes/security/viosadvisory.asc...

9.1CVSS8.7AI score0.01179EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/30 3:22 p.m.33 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in XStream

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of XStream. Vulnerability Details CVEID: CVE-2021-43859 DESCRIPTION: XStream is vulnerable to a denial of service, caused by improper input validation. By injecting highly recursive collections or maps, a remote...

7.5CVSS1.6AI score0.07934EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/14 11:20 p.m.15 views

Security Bulletin: Vulnerability in IBM Dojo affects IBM Spectrum Protect Operations Center (CVE-2021-23450)

Summary IBM Spectrum Protect Operations Center may be affected by a vulnerability in IBM Dojo CVE-2021-23450 which could allow a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrar...

9.8CVSS9.5AI score0.30367EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/14 9:22 p.m.34 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2020-1971, CVE-2021-23840, CVE-2021-23841)

Summary OpenSSL vulnerabilities were disclosed on December 8, 2020 and February 16, 2021 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services, has addressed the applicable CVEs. UPDATED: 14 June 2021 - Added 7.1 fix...

7.5CVSS0.4AI score0.50732EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/03 3:14 p.m.33 views

Security Bulletin: Go can panic upon an attempt to process network traffic on IBM Watson Machine Learning on CP4D

Summary Go is vulnerable to a denial of service and can panic upon an attempt to process network traffic on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2019-17596 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when verifying invalid DSA publ...

7.5CVSS0.6AI score0.04693EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/03 3:9 p.m.29 views

Security Bulletin: Tensor Flow security vulnerabilities with segmentation fault on IBM Watson Machine Learning on CP4D

Summary TensorFlow is vulnerable to a denial of service and segmentation fault on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2020-5215 DESCRIPTION: Tensorflow is vulnerable to a denial of service, caused by a flaw when converting a string from Python to a tf.float16 valu...

7.5CVSS1.3AI score0.00581EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/23 5:27 p.m.24 views

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM MessageGateway

Summary There is a vulnerability in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway. This issue was disclosed as part of the IBM Java SDK updates in October, 2020. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

4.3CVSS1.5AI score0.02245EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/11 7:18 p.m.51 views

Security Bulletin: A vulnerability in jQuery affects IBM WIoTP MessageGateway (CVE-2020-7656)

Summary There is a vulnerability in jQuery that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2020-7656 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this...

6.1CVSS1.1AI score0.06273EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/16 7:31 a.m.26 views

Security Bulletin: IBM Java Runtime Vulnerability affects the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments (CVE-2020-2654)

Summary A denial of service vulnerability in IBM® Runtime Environment Java™ was disclosed as part of the IBM Java SDK updates in January 2020. IBM® Runtime Environment Java™ is used by the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum...

4.3CVSS1.7AI score0.03823EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/07 4:56 a.m.29 views

Security Bulletin: A security vulnerability in IBM Websphere affects IBM Tivoli Netcool Performance Manager for Wireline (CVE-2013-0169)

Summary The Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security TLS protocol that use the CBC mode of operation. An attacker could perform main in the middle attacks to successfully obtain plain text from the secure channel. Vulnerability...

0.4AI score0.35584EPSS
Exploits1Affected Software1
Malwarebytes
Malwarebytes
added 2020/04/23 12:0 p.m.44 views

Introducing Malwarebytes Privacy

Here at Malwarebytes, we’re no strangers to using virtual private networks VPNs to protect our privacy while browsing online. Regular readers of our blog will remember that we’ve advised on VPN usage on many occasions, whether for mobile device users looking for anonymity or business owners wanti...

0.9AI score
Exploits0
KoreLogic Security
KoreLogic Security
added 2017/09/25 12:0 a.m.12 views

Solarwinds LEM Insecure Update Process

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Multiple Affected Version: Multiple Platform: Embedded Linux CWE Classification: CWE-284: Improper Access Control, CWE-346: Origin Validation Error Impact: Counterfeit Product Downloads Attack vector: HTTP 2. Vulnerability...

0.1AI score
Exploits0
Rows per page
Query Builder