Lucene search
K

13358 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/29 12:5 a.m.27 views

Security Bulletin: Vulnerabilities in IBM Java Runtime and IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments may be affected by the below IBM Java and IBM WebSphere Application Server Liberty vulnerabilities CVEs. Vulnerability Details CVEID:CVE-2022-22476...

8.8CVSS6.7AI score0.02651EPSS
Exploits0Affected Software3
CNNVD
CNNVD
added 2022/09/29 12:0 a.m.5 views

IBM WebSphere MQ 安全漏洞

IBM WebSphere MQ is a system from International Business Machines IBM, Inc. A denial-of-service vulnerability exists in IBM WebSphere MQ version 7.1. A remote attacker could use this vulnerability to bypass security configuration settings and cause a denial of service...

7.5CVSS6.6AI score0.01693EPSS
Exploits0References3
CNVD
CNVD
added 2022/09/29 12:0 a.m.26 views

IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2022-66768)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

6.5CVSS6.3AI score0.00304EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 4:48 p.m.28 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839)

Summary There is a vulnerability in the Neko HTML library used by IBM WebSphere Application Server Liberty with the openid-2.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-24839 DESCRIPTION: Sparkle Motion Nokogiri is vulnerable to a denial of service, caused by ...

7.5CVSS7.3AI score0.02114EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/09/28 4:15 p.m.2 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery SSRF. By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

6.5CVSS5.8AI score0.00304EPSS
Exploits0References2
NVD
NVD
added 2022/09/28 4:15 p.m.10 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery SSRF. By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

6.5CVSS0.00304EPSS
Exploits0References2
Prion
Prion
added 2022/09/28 4:15 p.m.23 views

Server side request forgery (ssrf)

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery SSRF. By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

3.3CVSS6.2AI score0.00304EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/28 3:55 p.m.84 views

CVE-2022-35282

CVE-2022-35282 affects IBM WebSphere Application Server (WAS) 7.0, 8.0, 8.5, and 9.0. The issue is a server-side request forgery (SSRF) vulnerability allowing a locally reachable attacker to obtain sensitive data via a crafted request. Connected IBM security bulletins document affected products/v...

6.5CVSS6.1AI score0.00304EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/28 3:55 p.m.2 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery SSRF. By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

4.3CVSS6.3AI score0.00304EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/28 3:55 p.m.17 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery SSRF. By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

4.3CVSS6.4AI score0.00304EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 3:53 p.m.16 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-35282)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 10:52 a.m.29 views

Security Bulletin: TXSeries for Multiplatforms is vulnerable to a denial of service exposure due to IBM SDK, Java Technology Edition

Summary IBM SDK, Java Technology Edition is used by TXSeries for Multiplatforms to run WebSphere Liberty, Fix Installer and Java based CICS applications. The fix removes the denial of service vulnerability CVE-2022-21299 from IBM SDK, JTE. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: A...

5.3CVSS5.2AI score0.03458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 8:0 a.m.28 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-35282)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 7:29 a.m.15 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow and IBM Business Process Manager (CVE-2022-34336)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow and IBM Business Process Manager. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details...

5.4CVSS5.6AI score0.00412EPSS
Exploits0Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 4:15 a.m.29 views

Security Bulletin: Vulnerabilities in IBM Semeru Runtime affect SPSS Collaboration and Deployment Services (CVE-2022-21496, CVE-2022-21426)

Summary There are vulnerabilities in IBM® Semeru Runtime Open Edition 11 used by SPSS Collaboration and Deployment Services. The issues have been addressed. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an...

5.3CVSS6.9AI score0.03028EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/28 3:9 a.m.80 views

Security Bulletin: A vulnerability in IBM Java Runtime affects SPSS Collaboration and Deployment Services (CVE-2022-21496)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by SPSS Collaboration and Deployment Services. This issue has been addressed. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow...

5.3CVSS6AI score0.02651EPSS
Exploits0Affected Software1
NCSC
NCSC
added 2022/09/28 12:0 a.m.4 views

Vulnerabilities fixed in IBM WebSphere Application Server and QRadar

IBM has fixed vulnerabilities in WebSphere Application Server and QRadar User Behavior Analytics. The vulnerabilities allow a malicious party able to gain access to system data or execute a Server-Side Request Forgery. Both vulnerabilities require that a malicious party already has access to the...

6.5CVSS6.8AI score0.00478EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/28 12:0 a.m.1 views

PT-2022-22684 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: The issue allows an attacker with local network access to exploit the server-side request forgery SSRF vulnerability by sending a specially crafted request, potentially...

6.5CVSS5.3AI score0.00304EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/27 6:55 p.m.40 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to Server-Side Request Forgery (CVE-2022-35282)

Summary IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability. This has been addressed. Vulnerability Details CVEID:CVE-2022-35282 DESCRIPTION: IBM WebSphere Application Server is vulnerable to server-side request forgery SSRF. By sending a specially crafte...

6.5CVSS5AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/27 4:43 p.m.28 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477)

Summary The security issue described in CVE-2022-22477 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.1CVSS6.3AI score0.00495EPSS
Exploits0Affected Software1
Rows per page
Query Builder