Lucene search
+L

241 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/05/15 12:11 p.m.32 views

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5597)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2016. Vulnerability Details CVEID: CVE-2016-55...

5.9CVSS1.6AI score0.03937EPSS
Exploits0Affected Software1
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.6 views

[WP-H5] yVault.sol A malicious early user/attacker can manipulate the vault's pricePerShare to take an unfair share of future users' deposits

Lines of code Vulnerability details function deposituint256 amount public noContractmsg.sender requireamount 0, "INVALIDAMOUNT"; uint256 balanceBefore = balance; token.safeTransferFrommsg.sender, addressthis, amount; uint256 supply = totalSupply; uint256 shares; if supply == 0 shares = amount; el...

6.7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/04/07 11:0 a.m.16 views

The Senate Bill That Has Big Tech Scared

The proposal would stop the biggest platforms from giving themselves an advantage over the little guys. Who's afraid of a little competition?...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2022/02/15 12:0 a.m.11 views

Debian: Security Advisory (DSA-5075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.0166EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/25 1:12 p.m.112 views

Security Bulletin: IBM Observability by Instana and IBM Observability with Instana - Server and Agents are vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary Vulnerabilities detected in Apache Log4j affects IBM Observability by Instana and IBM Observability with Instana. The CVE numbers are: CVE-2021-45105 and CVE-2021-45046. These vulnerabilities have been addressed in both the Server and Agent components. The fix includes Apache Log4j v2.17...

10CVSS1.3AI score0.99999EPSS
Exploits359Affected Software1
OSV
OSV
added 2022/01/05 5:15 p.m.15 views

CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS6.9AI score
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/28 8:51 p.m.34 views

Security Bulletin: IBM Watson Compare and Comply for IBM Cloud Pak for Data affected by vulnerability in Apache PDFBox

Summary IBM Watson Compare and Comply for IBM Cloud Pak for Data contains a vulnerable version of Apache PDFBox. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a...

5.5CVSS1.1AI score0.03445EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 6:42 a.m.20 views

Security Bulletin: Vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used in Jetty Server 9.4.14 where Rational Synergy is deployed.

Summary A security vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used by Jetty versions 9.4.14 is affecting IBM Rational Synergy. Vulnerability Details CVEID: CVE-2020-27216 DESCRIPTION: Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on th...

7CVSS0.8AI score0.043EPSS
Exploits1Affected Software1
Hacker One
Hacker One
added 2021/06/21 4:2 p.m.34 views

HackerOne: Mishandling of hackerone clear background checks resulting in disclosure of other hacker's information

Summary: Mishandling of hackerone clear background checks resulting in disclosure of other hacker's information . Description: I received a hackerone clear invite for "█████" I am not █████. There appears to be some kind of off by one error or similar problem with the hackerone clear invites! fir...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2021/05/20 5:59 p.m.50 views

The Gig Economy Creates Novel Data-Security Risks

As businesses strive to move faster and faster, many are adopting a “just-in-time” strategy of spinning up human resources on demand – a phenomenon known as the gig economy, familiar to most via Uber, Instacart or DoorDash. But it’s a concept that enterprises are embracing too – inadvertently...

6.9AI score
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/11 11:7 a.m.23 views

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Financial Transaction Manager for RedHat OpenShift (CVE-2020-5258)

Summary Dojo vulnerability in WebSphere Application Server Liberty affects IBM Financial Transaction Manager for RedHat OpenShift. Vulnerability Details CVEID: CVE-2020-5258 DESCRIPTION: Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollutio...

7.7CVSS1.9AI score0.0399EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/07 7:5 a.m.35 views

Security Bulletin: IBM Kenexa LMS On Premise -CVE-2020-14781 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could...

4.3CVSS0.5AI score0.02324EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/07 7:1 a.m.34 views

Security Bulletin: IBM Kenexa LCMS Premier On Premise - CVE-2020-14782 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary We have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries...

4.3CVSS0.4AI score0.02272EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/07 6:55 a.m.20 views

Security Bulletin: IBM Kenexa LMS On Premise - CVE-2020-14782 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component...

4.3CVSS0.7AI score0.02272EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/12 6:13 p.m.25 views

Security Bulletin: CVE-2020-14782 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2020-14782 was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality...

4.3CVSS0.6AI score0.02272EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/08 8:59 p.m.19 views

Security Bulletin: Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain the value-add services passwords stored in the Ambari configuration file (CVE-2015-4928, CVE-2015-4940).

Summary Infosphere BigInsights is affected by a vulnerability that could allow a local attacker to obtain value-add services passwords stored in the Ambari configuration file. The passwords are shown in plain text CVE-2015-4928, CVE-2015-4940. Vulnerability Details CVEID: CVE-2015-4928 DESCRIPTIO...

4.3CVSS0.5AI score0.02824EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2021/03/26 12:0 a.m.9 views

Citrix license files shows a warning symbol on the SA date in the Licensing tab on Studio

The Subscription advantage date for a license shows a warning symbol-...

7.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/03/08 6:0 p.m.38 views

International Women’s Day: How to support and grow women in cybersecurity

Today, March 8, we are proud to celebrate International Women’s Day. The United Nations announced this year’s theme as “Women in leadership: Achieving an equal future in a COVID-19 world.” As a woman, a mother, a daughter, a sister, a friend, and a leader at Microsoft, this is an important time t...

7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/22 7:26 a.m.29 views

Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU

Summary We have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization...

5.8CVSS0.7AI score0.03758EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/22 6:53 p.m.29 views

Security Bulletin: Security vulnerability in IBM Java SDK affecting Rational Synergy (CVE-2019-4732)

Summary There is a security vulnerability in IBM® SDK Java™ Technology Edition, Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55 used by Rational Synergy versions 7.2.1.0 to 7.2.1.7. Rational Synergy has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4732...

7.2CVSS1.3AI score0.00561EPSS
Exploits0Affected Software1
Rows per page
Query Builder