Lucene search
K

51 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 2:53 p.m.9 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

9CVSS6.3AI score0.00508EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 10:21 p.m.10 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component...

9.8CVSS6.3AI score0.00847EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 7:13 p.m.11 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability...

9.8CVSS6.3AI score0.00847EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 7:3 p.m.13 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9319)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability when using JAX-WS endpoints with WS-Security. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

9CVSS6.3AI score0.00458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 3:12 p.m.6 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an identity spoofing vulnerability (CVE-2026-3621)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an identity spoofing vulnerability when the appSecurity feature appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0 is not enabled on the serve...

7.5CVSS5.2AI score0.00276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 2:15 p.m.2 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a prototype pollution vulnerability in the immutable library with the openapi-3.0, openapi-3.1, mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, mpOpenAPI-3.0 mpOpenAPI-3.1,...

9.8CVSS5.9AI score0.00978EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/16 9:44 p.m.7 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service vulnerability due to jose4j (CVE-2024-29371)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service vulnerability due to jose4j. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

7.5CVSS7.3AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/17 3:1 p.m.5 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an SMTP injection vulnerability due to Jakarta Mail (CVE-2025-7962)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an SMTP injection vulnerability in the Jakarta Mail library with the javaMail-1.5, javaMail-1.6, mail-2.0, or mail-2.1 feature enabled. Vulnerability Details Refer to the securit...

7.5CVSS5.3AI score0.00756EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/12 9:17 p.m.6 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security due to crypto.js (CVE-2020-36732)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability in the crypto.js library with the openidConnectServer-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

5.3CVSS6.6AI score0.01075EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/28 9:20 p.m.5 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a security bypass vulnerability (CVE-2024-56339)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a security bypass caused by a failure to honor security configuration. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

7.5CVSS6.8AI score0.004EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/28 8:45 p.m.4 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service (CVE-2025-36097)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions| Affectin...

7.5CVSS6.9AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/09 11:59 p.m.5 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by arbitrary code execution (CVE-2025-36038)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by arbitrary code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

9.8CVSS7.8AI score0.08023EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/27 6:22 p.m.13 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a cross-site scripting vulnerability (CVE-2025-33104)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a cross-site scripting vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

7.6CVSS6.3AI score0.00199EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/02 4:10 p.m.15 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2025-27907)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Product...

4.1CVSS4.3AI score0.0028EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:10 a.m.33 views

Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications (CVE-2021-33517, CVE-2021-36090)

Summary Multiple Vulnerabilities in Apache Commons Compress affect IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications CVE-2021-33517, CVE-2021-36090 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.5CVSS7.8AI score0.12945EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/01 1:54 p.m.16 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to Apache CXF (CVE-2025-23184)

Summary There is a vulnerability in the Apache CXF library used by IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, with the jaxws-2.2, xmlWS-3.0 or xmlWS-4.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

7.5CVSS6.9AI score0.01941EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:28 p.m.19 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to Netty (CVE-2025-25193)

Summary There is a vulnerability in the Netty library used by IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, with the grpc-1.0 or grpcClient-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

5.5CVSS6.9AI score0.00384EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.29 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to Google Protocol Buffers (CVE-2024-7254)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, contains a vulnerability in the Google Protocol Buffers protobuf library with the grpc-1.0 or grpcClient-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

8.7CVSS6.1AI score0.02772EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

5.5CVSS5.7AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.39 views

Security Bulletin: IBM WebSphere Application Server Liberty , which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to GraphQL Java (CVE-2024-40094)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

5.3CVSS6.1AI score0.00943EPSS
Exploits2Affected Software1
Rows per page
Query Builder