Lucene search
K

26 matches found

EUVD
EUVD
added 2026/06/22 3:21 p.m.9 views

EUVD-2026-38266

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.3CVSS5.8AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 3:21 p.m.21 views

CVE-2026-7253

CVE-2026-7253 summary: IBM Watson Speech Services Cartridge is affected by a Server-Side Request Forgery (SSRF) in Sterling File Gateway. Affected versions are 4.0.0–5.3.1. The root cause is SSRF allowing an authenticated attacker to issue unauthorized requests from the system, with potential net...

8.8CVSS5.8AI score0.002EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:51 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to privilege escalation in Sudo [CVE-2026-35535]

Summary IBM Watson Speech Services Cartridge is vulnerable to privilege escalation in Sudo, due to a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, which is not recognised as a fatal error and can lead to privilege escalation. CVE-2026-35535. Su...

7.8CVSS5.1AI score0.00173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 2:57 p.m.9 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in qs-6.14.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in qs-6.14.2.tgz Vulnerability Details CVEID:CVE-2026-8723 DESCRIPTION: Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is...

6.3CVSS5.5AI score0.00351EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 3:26 p.m.11 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which ...

3.2CVSS5.8AI score0.00181EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:21 p.m.14 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow [CVE-2026-40192]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow, due to a failure to limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attack CVE-2026-40192. Pillow is used in our speech runtimes. Thi...

8.7CVSS7AI score0.00671EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 5:46 p.m.5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar Vulnerability Details CVEID:CVE-2024-52979 DESCRIPTION: Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial...

7.5CVSS5.8AI score0.00522EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 5:0 p.m.3 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Allocation of Resources in Golang Go (CVE-2025-58181)

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Allocation of Resources in Golang Go, caused by an issue in SSH servers parsing GSSAPI authentication requests, which do not validate the number of mechanisms specified in the request CVE-2025-58181. Golang Go is used in ou...

5.3CVSS6.7AI score0.00533EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 4:56 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to improper allocation of resources in net/url [CVE-2025-61726]

Summary IBM Watson Speech Services Cartridge is vulnerable to improper allocation of resources due to a failure of the net/url package to set a limit on the number of query parameters in a queryCVE-2025-61726. Net/url is used in our speech utilities. This vulnerabilitiy has been addressed. Please...

7.5CVSS6.6AI score0.01945EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 3:9 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git [CVE-2026-25934]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git, due to an issue where data integrity values for .pack and .idx files were not properly verified CVE-2026-25934. GO-git is used as a component of our ibm-watson-speech-catalog...

4.3CVSS7AI score0.00136EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 3:8 p.m.3 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal in setuptools [CVE-2025-47273]

Summary M Watson Speech Services Cartridge is vulnerable to a path traversal in setuptools, due to an issue that allows users to download, build, install, upgrade, and uninstall Python packages CVE-2025-47273. Setuptools is used in our speech service runtimes. This vulnerabilitiy has been...

8.8CVSS7.4AI score0.01479EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 3:40 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Data Amplification in urllib3 [ CVE-2026-21441]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Data Amplification in urllib3, due to a flaw that library reads the entire response body to drain the connection and decompress the content unnecessarily, rather than decompressing only the necessary bytes as expected CVE-2026-21441...

8.9CVSS5.9AI score0.02667EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/04 10:38 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in brace-expansion-1.1.11.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in brace-expansion-1.1.11.tgz Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue ...

3.1CVSS4.9AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:3 a.m.9 views

Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receivi...

7.5CVSS6.4AI score0.00591EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 7:27 a.m.6 views

Security Bulletin: Vulnerability in Python-Future 1.0.0 module affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Python-Future 1.0.0 module has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional...

5.4CVSS6.2AI score0.00271EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 2:23 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an authentication bypass in Spring Security [CVE-2025-41248]

Summary IBM Watson Speech Services Cartridge is vulnerable to an authentication bypass in Spring Security, due to an issue where annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics...

7.5CVSS6.6AI score0.00433EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:37 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.5.0-py3-none-any.whl

Summary IBM Watson Discovery Cartridge contains a vulnerable version of deepdiff-8.5.0-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-58367 DESCRIPTION: DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class...

10CVSS7.5AI score0.01056EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/06 8:18 p.m.5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in IBM SDK

Summary IBM Watson Discovery Cartridge contains a vulnerable version of IBM SDK Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that a...

8.1CVSS7AI score0.01058EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/20 11:38 a.m.10 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in transformers-4.48.3-py3-none-any.whl

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of transformers-4.48.3-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in...

6.5CVSS6.4AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/20 11:35 a.m.12 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-4287 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function...

4.8CVSS5.4AI score0.00155EPSS
Exploits0Affected Software1
Rows per page
Query Builder