
33 matches found

IBM Security Bulletins
added 2025/04/15 2:48 a.m. | 77 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for September and October 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF037 and 24.0.0-IF003. Vulnerability Details CVEID: CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS (Regular Expression Denial of Service) while...

CVSS 8.5 | AI score 9.9 | EPSS 0.91969
Exploits: 1 | Affected Software: 2

IBM Security Bulletins
added 2025/03/28 9:16 p.m. | 9 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to an observable response discrepancy (CVE-2024-51477)

Summary An observable response discrepancy vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2024-51477 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticated user to obtain sensitive username information due to an observable respons...

CVSS 6.5 | AI score 6.1 | EPSS 0.00281
Exploits: 0 | Affected Software: 1

Intel
added 2023/02/14 12:0 a.m. | 32 views

Computer Vision Annotation Tool Advisory

Summary: A potential security vulnerability in the Computer Vision Annotation Tool (CVAT) software maintained by Intel® may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-27234 Description: Server-si...

CVSS 6.5 | AI score 5 | EPSS 0.00453
Exploits: 0

IBM Security Bulletins
added 2022/09/25 9:6 p.m. | 50 views

Security Bulletin: IBM WebSphere Business Services Fabric – Information regarding a security vulnerability in IBM SDK for Java that shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)

Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in IBM WebSphere Business Services Fabric. Content VULNERABILITY DETAILS: DESCRIPTION: This Security Bulletin addresses the security vulnerabilities that...

CVSS 10 | AI score 6.7 | EPSS 0.86963
Exploits: 23 | Affected Software: 1

IBM Security Bulletins
added 2022/03/23 10:7 p.m. | 24 views

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (CVE-2020-4329)

Summary WebSphere Application Server Liberty could allow a remote, authenticated attacker to obtain sensitive information caused by improper parameter checking which affects IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8....

CVSS 4.3 | AI score 4.5 | EPSS 0.01263
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2022/02/28 1:26 p.m. | 24 views

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-35557)

Summary IBM Emptoris Sourcing supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified vulnerability in Oracle Database Server relate...

CVSS 4.3 | AI score 4.6 | EPSS 0.00813
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2022/02/23 5:2 p.m. | 42 views

Security Bulletin: Vulnerability in SSLv3 affects IBM QRadar SIEM. (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM QRadar SIEM. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information...

CVSS 4.3 | AI score 3.9 | EPSS 0.99999
Exploits: 7 | Affected Software: 3

NVD
added 2021/10/20 11:17 a.m. | 19 views

CVE-2021-35611

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite component: Offline Template. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVSS 4.3 | EPSS 0.01157
Exploits: 0 | References: 2

Prion
added 2021/10/20 11:16 a.m. | 24 views

Design/Logic Flaw

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...

CVSS 4 | AI score 4 | EPSS 0.00804
Exploits: 0 | References: 1 | Affected Software: 1

Prion
added 2021/07/21 3:16 p.m. | 33 views

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...

CVSS 4 | AI score 4 | EPSS 0.0084
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/07/20 10:43 p.m. | 23 views

CVE-2021-2330

Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this...

CVSS 4.3 | AI score 5.2 | EPSS 0.00782
Exploits: 0 | References: 1

IBM Security Bulletins
added 2020/11/13 9:18 p.m. | 18 views

Security Bulletin: Path Traversal Vulnerability Affects IBM Sterling B2B Integrator (CVE-2020-4692)

Summary IBM Sterling B2B Integrator has addressed a path traversal vulnerability. Vulnerability Details CVEID: CVE-2020-4692 DESCRIPTION: IBM Sterling B2B Integrator could allow an authenticated user to obtain sensitive information from the Dashboard UI. CVSS Base score: 4.3 CVSS Temporal Score:...

CVSS 6.5 | AI score 1.1 | EPSS 0.00889
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2020/08/27 10:38 a.m. | 20 views

Security Bulletin: Information disclosure vulnerability in WebSphere Application Server - Liberty affects IBM MobileFirst Platform Foundation

Summary IBM MobileFirst Platform Foundation has addressed the following vulnerability: Information disclosure in WebSphere Application Server - Liberty Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4...

CVSS 4.3 | AI score 0.8 | EPSS 0.01263
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2020/07/24 10:19 p.m. | 31 views

Security Bulletin: Vulnerability in SSLv3 affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Sterling Connect:Direct for Microsoft Windows. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attack...

CVSS 4.3 | AI score 0.5 | EPSS 0.99999
Exploits: 7 | Affected Software: 1

NVD
added 2019/10/16 6:15 p.m. | 23 views

CVE-2019-2734

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Execute on DBMSADVISOR privilege with network access via OracleNet to...

CVSS 4.3 | AI score 3.9 | EPSS 0.00844
Exploits: 0 | References: 1

Vulnrichment
added 2018/10/17 1:0 a.m. | 10 views

CVE-2018-3269

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: SMB Server. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks of this...

AI score 5.3 | EPSS 0.02006
Exploits: 0 | References: 3

CVE
added 2018/07/18 1:0 p.m. | 47 views

CVE-2018-2927

CVE-2018-2927 affects the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems), with exploitation possible on versions prior to 8.7.18. The vulnerability allows a low-privileged, network-accessible attacker (via HTTP) to gain ...

CVSS 4.3 | AI score 3.3 | EPSS 0.01476
Exploits: 0 | References: 3 | Affected Software: 1

IBM Security Bulletins
added 2018/06/18 12:9 a.m. | 34 views

Security Bulletin: Vulnerabilities in SSL and TLS protocols affect the IBM FlashSystem V840 (CVE-2011-3389)

Summary SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the “BEAST” attack. SSL protocol is used by the IBM FlashSystem V840. Vulnerability Details CVE-ID: CVE-2011-3389 DESCRIPTION: Multiple products could allow a remote attacker to obtain...

CVSS 4.3 | AI score 0.4 | EPSS 0.73327
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2018/06/17 3:12 p.m. | 20 views

Security Bulletin: TLS padding vulnerability affects IBM MessageSight (CVE-2014-8730)

Summary Transport Layer Security (TLS) padding vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) like attack affects IBM MessageSight. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by th...

CVSS 4.3 | AI score 0.6 | EPSS 0.1372
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/17 4:55 a.m. | 33 views

Security Bulletin: Open Source Apache Tomcat - 4 issues (CVE-2013-4286) for RAF

Summary Previous releases of IBM Rational Automation Framework (RAF) are affected by the vulnerabilities in Apache Tomcat that may allow remote attackers to influence the availability of the Framework Server. Vulnerability Details | Subscribe to My Notifications to be notified of important product...

CVSS 5.8 | AI score 0.6 | EPSS 0.16833
Exploits: 2 | Affected Software: 1