Lucene search
K

13318 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.37 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities. CVE-2021-39031, CVE-2020-28469 Vulnerability Details CVEID:CVE-2020-28469 DESCRIPTION: Node.js glob-parent module is vulnerable to a denial of service. By sending a specially-crafted request, a remote attack...

8.8CVSS8.1AI score0.04456EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.50 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-schema, Java SE and IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2021-4453...

9.8CVSS9.7AI score0.99019EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.43 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

9.8CVSS10AI score0.99931EPSS
Exploits50Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.37 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2022-32212 DESCRIPTION: Node.js could allow a remote attacker to execute...

8.1CVSS9AI score0.77278EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 4:59 p.m.37 views

Security Bulletin: Security vulnerabilities fixed in IBM WebSphere Operational Decision Management and IBM WebSphere ILOG JRules

Abstract List of security vulnerabilities fixed in WebSphere Operational Decision Management V7.5 and V8.0 and WebSphere ILOG JRules 7.1 Content VULNERABILITY DETAILS: CVE ID:CVE-2012-2161 DESCRIPTION: The IEHS IBM Eclipse Help System component has a cross-site scripting vulnerability CVSS: CVSS...

5.8CVSS8.9AI score0.01843EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 11:16 a.m.32 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server traditional shipped with IBM Intelligent Operations Center (CVE-2022-40750)

Summary IBM WebSphere Application Server traditional is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in...

5.4CVSS1.9AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 10:19 a.m.27 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty may affect IBM Spectrum Scale

Summary Multiple vulnerabilities in IBM WebSphere Application Server Liberty, used by IBM Spectrum Scale, which could allow identity spoofing by an authenticated user and cross-site scripting. Fix is available. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Serv...

8.8CVSS6.6AI score0.00642EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/02 11:51 p.m.31 views

Security Bulletin: Vulnerability has been identified in WebSphere Application Server Liberty shipped with Cloud Pak System (CVE-2022-24839)

Summary Vulnerability has been identified in WebSsphere Application Server Liberty shipped wioth Cloud Pak System. IBM Cloud Pak System ships with optional Single- Sign-On SSO feature. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty have been publishe...

7.5CVSS7.6AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/02 7:43 p.m.56 views

Security Bulletin: IBM Cognos Controller has addressed multiple vulnerabilities

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Cognos Controller 10.4.2 FP2 and 10.4.1 IF15 . There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Cognos Controller. The applicable CVEs have been addressed by upgradin...

9.8CVSS10AI score0.99677EPSS
Exploits128Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/02 6:37 a.m.24 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-38712)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

5.9CVSS5.8AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/02 6:16 a.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-40750)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-40750 DESCRIPTION: IBM WebSphere Application Server 7.0, 8....

5.4CVSS5.5AI score0.00371EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2022/12/02 12:0 a.m.290 views

IBM Websphere Application Server 7.0 Cross Site Scripting

Exploit Title: IBM Websphere Application Server 7.0 - Persistent Cross-Site Scripting Authenticated Date: 2022-12-02 Author: Milad karimi Software Link: https://www.ibm.com/support/pages/6107-websphere-application-server-v61-fix-pack-7-windows Version: 7.0 Tested on: Windows 10 CVE: 2009-0855 1...

4.3CVSS6.7AI score0.05979EPSS
Exploits1
OSV
OSV
added 2022/12/01 7:15 p.m.4 views

CVE-2022-43900

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827...

6.5CVSS5.8AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2022/12/01 7:15 p.m.24 views

CVE-2022-43901

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID:...

5.7CVSS0.00194EPSS
Exploits0References2
NVD
NVD
added 2022/12/01 7:15 p.m.18 views

CVE-2022-43900

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827...

6.5CVSS0.00168EPSS
Exploits0References2
OSV
OSV
added 2022/12/01 7:15 p.m.3 views

CVE-2022-43901

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID:...

5.5CVSS5.7AI score0.00194EPSS
Exploits0References2
Prion
Prion
added 2022/12/01 7:15 p.m.13 views

Code injection

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827...

1.7CVSS6.2AI score0.00168EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/01 6:9 p.m.10 views

CVE-2022-43901 IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps information disclosure

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID:...

5.7CVSS5.3AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2022/12/01 6:9 p.m.54 views

CVE-2022-43901

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 is affected by CVE-2022-43901, which could disclose sensitive information. The issue is an information disclosure vulnerability enabling an authenticated local attacker to potentially access data across IBM WebSphere Automation com...

5.7CVSS5.2AI score0.00194EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/01 6:0 p.m.11 views

CVE-2022-43900 IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps security bypass

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827...

5.3CVSS6.2AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder