Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/05 8:14 a.m.8 views

Security Bulletin: IBM watsonx.ai on Cloud Pak for Data is vulnerable to python-Python-3.12.0b4 (Publicly disclosed vulnerability found by Mend) due to python pip package ( CVE-2023-5752, PRISMA-2022-0168)

Summary IBM watsonx.ai on Cloud Pak for Data internally uses CVE-2023-5752 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary...

5.5CVSS6.5AI score0.00476EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:25 p.m.7 views

Security Bulletin: Vulnerability in Pillowy affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Pillow has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

8.6CVSS6.5AI score0.00367EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:25 p.m.8 views

Security Bulletin: Vulnerability in node-tar affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in node-tar has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

8.2CVSS6.8AI score0.00541EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:25 p.m.7 views

Security Bulletin: Vulnerability in wheel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

7.1CVSS7.3AI score0.00311EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 8:56 p.m.8 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to regular expression denial of service (ReDoS) due to the transformers package (CVE-2025-2099)

Summary The transformers package is used by DataStage on Cloud Pak for Data as part of machine learning processing. Vulnerability Details CVEID:CVE-2025-2099 DESCRIPTION: A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version...

7.5CVSS5.5AI score0.00507EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 5:11 p.m.4 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to incorrect parse function values in net/url (CVE-2025-47912)

Summary IBM Watson Speech Services Cartridge is vulnerable to a condition in net/url that allows incorrect parse function values other than IPv6 addresses to be included in square brackets within the host component of a URL CVE-2025-47912, Net/url is used in our speech-utilities. This...

5.3CVSS7AI score0.00443EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/13 8:55 p.m.4 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pyasn1-0.6.1.tar.gz

Summary IBM Watson Discovery Cartridge affected by vulnerability in pyasn1-0.6.1.tar.gz Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed...

7.5CVSS5.7AI score0.00679EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 8:20 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in logback-core-1.3.15.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in logback-core-1.3.15.jar Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows...

7CVSS6.2AI score0.00181EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2009/11/23 12:0 a.m.9 views

PT-2009-5845 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP versions 5.3.x before 5.3.1 Description: The issue in PHP does not recognize the safe mode include dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform...

7.5CVSS4.8AI score0.02696EPSS
Exploits0References13
Rows per page
Query Builder