Lucene search
K

13330 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 12:59 p.m.22 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Business Automation Workflow (CVE-2022-34165)

Summary WebSphere Application Server Liberty is shipped as part of IBM Business Automation Workflow containers and as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow traditional. Information abou...

5.4CVSS6AI score0.00441EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2022/11/02 12:0 a.m.4 views

IBM MQ 输入验证错误漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM, Inc. The product provides a reliable, authenticated messaging backbone primarily for service-oriented architectures SOA.IBM MQ has an input validation error vulnerability that could be exploited by...

6.5CVSS6.5AI score0.0071EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 9:19 p.m.16 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to cross-site scripting in the Admin Console CVE-2022-40750 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 9:15 p.m.25 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to cross-site scripting in the Admin Console CVE-2022-40750 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 9:7 p.m.22 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-38712)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 9:6 p.m.17 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-40750)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 4:2 p.m.41 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect for Workstations Central Administration Console (CVE-2022-24839)

Summary IBM Spectrum Protect for Workstations Central Administration Console requires the dependent product IBM WebSphere Application Server Liberty. Information about security vulnerabilities affecting IBM WebSphere Application Server Liberty has been published in security bulletins. Refer to th...

7.5CVSS7.7AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 3:59 p.m.33 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console when using the Application Migration Report function. This has been addressed. Vulnerability Details CVEID:CVE-2022-40750 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site...

5.4CVSS5.3AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/01 2:44 p.m.28 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

6.1CVSS5.9AI score0.00495EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/11/01 12:0 a.m.1 views

IBM WebSphere Application Server 跨站脚本漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere...

5.4CVSS6.1AI score0.00371EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/28 9:48 a.m.46 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Business Automation Workflow (CVE-2022-37734)

Summary WebSphere Application Server Liberty is shipped as part of IBM Business Automation Workflow containers and as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow traditional. Information abou...

7.5CVSS7.7AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 7:18 p.m.46 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2022-40674)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

8.1CVSS8.6AI score0.01659EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 6:27 p.m.28 views

Security Bulletin: CP4D Match 360 is vulnerable to HTTP header injection within IBM WebSphere Application Server Liberty (CVE-2022-34165)

Summary CP4D Match 360 is vulnerable to HTTP header injection within IBM WebSphere Application Server Liberty. IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various...

5.4CVSS5.6AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 5:12 p.m.23 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to WebSphere Application Server Liberty identity spoofing (CVE-2022-24476)

Summary Potential vulnerabilities in WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty identity spoofing by an authenticated user using a specially crafted requestCVE-2022-24476 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refe...

8.8CVSS6.9AI score0.00642EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 3:50 p.m.22 views

Security Bulletin: A vulnerability (CVE-2022-24839) in WebSphere Application Server Liberty affects IBM TXSeries for Multiplatforms

Summary WebSphere Application Server Liberty is used by IBM TXSeries for Multiplatforms to provide a web based administration console and to provide web services support. The fix removes vulnerability CVE-2022-24839, in the Neko HTML library used by IBM WebSphere Application Server Liberty, that...

7.5CVSS7.3AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 3:18 p.m.45 views

Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.8 and earlier

Summary This fix upgrades to Websphere Liberty 22.0.0.10, NodeJs 14.20.1, Jackson 2.14.0-rc1, Protobuf 3.16.3, Apache commons-text 1.10.0 Vulnerability Details CVEID:CVE-2022-35256 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly handle header field...

9.8CVSS9.1AI score0.99931EPSS
Exploits46Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 10:18 a.m.41 views

Security Bulletin: IBM MQ is affected by an identity spoofing issue in IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary An issue was identified in IBM WebSphere Application Server Liberty which IBM MQ ships and uses to supply MQ Console and MQ REST API functionality. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty a...

8.8CVSS6.5AI score0.00642EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 10:9 a.m.24 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to WebSphere Application Server Liberty Denial of Service due to Neko HTML (CVE-2022-24839)

Summary Potential vulnerabilities in WebSphere Application Server Liberty Denial of Service due to Neko HTML CVE-2022-24839 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-24839...

7.5CVSS7.6AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/26 3:8 p.m.38 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-37734 DESCRIPTION: GraphQL Java is vulnerable to a denial of service...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/26 2:25 p.m.42 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2022and Jul 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Apr 2022 and Jul 20...

5.9CVSS7.3AI score0.06468EPSS
Exploits0Affected Software1
Rows per page
Query Builder