Lucene search
+L

499 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 7:40 p.m.12 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ affect IBM Cloud Pak System

Summary Multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition were addressed in IBM Cloud Pak System version 2.3.6.1. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacke...

8.1CVSS6.9AI score0.01157EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 7:25 p.m.13 views

Security Bulletin: Due to the use of IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary Vulnerabilities found in IBM Db2 LUW that affect Foundation and IBM Tivoli Monitoring ITM pattern Types pTypes shipped with IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System. IBM Cloud Pak System v2.3.6.0 has updated Foundation and ITM pTypes to Foundation versi...

7.5CVSS6AI score0.00384EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 7:16 p.m.17 views

Security Bulletin: Due to IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities.

Summary IBM Db2 vulnerabilities have been found in IBM Cloud Pak System DB2 pattern type db2 pType shipped with Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-45663 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connec...

7.5CVSS6AI score0.00696EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 11:45 p.m.4 views

Security Bulletin: Multiple Vulnerabilities in Axios affect IBM Cloud Pak System

Summary Due to the use of Axios, multiple vulnerabilities were addressed in IBM Cloud Pak System version 2.3.5.1 Vulnerability Details CVEID:CVE-2026-42264 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config...

9.9CVSS6.9AI score0.01815EPSS
Exploits12Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 11:21 p.m.15 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ affect IBM Cloud Pak System [CVE-2024-21144, CVE-2024-21131, CVE-2024-27267]

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition affect IBM Cloud Pak System . These issues were disclosed as part of the IBM Java SDK updates in July 2024. Vulnerability Details CVEID:CVE-2024-21144 DESCRIPTION: An unspecified vulnerability in Java SE related to the Concurrency...

5.9CVSS6.7AI score0.01056EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 11:13 p.m.4 views

Security Bulletin: Multiple Vulnerabilities in IBM® SDK, Java™ Technology affect IBM Cloud Pak System

Summary Multiple Vulnerabilities have been found in IBM® SDK, Java™ Technology that is shipped with IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities as per the IBM® SDK, Java™ Technology April 2026 in IBM Cloud Pak System 2.3.5.1. Vulnerability Details...

7.5CVSS6.5AI score0.00864EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 10:13 p.m.26 views

Security Bulletin: Multiple vulnerabilities in Open Source affect IBM Cloud Pak System

Summary Multiple vulnerabilities in Open Source affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-21538 DESCRIPTION: Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service ReDoS due to improper input...

9.8CVSS6.8AI score0.01017EPSS
Exploits4Affected Software1
CNVD
CNVD
added 2026/03/06 12:0 a.m.4 views

IBM Cloud Pak System Access Control Error Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An access control error vulnerability exists in IB...

4.3CVSS5.8AI score0.00207EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/06 12:0 a.m.5 views

IBM Cloud Pak System Information Disclosure Vulnerability (CNVD-2026-13784)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...

5.3CVSS5.8AI score0.00206EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 12:14 p.m.9 views

Security Bulletin: Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System

Summary Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1. Vulnerability Details CVEID:CVE-2023-20599 DESCRIPTION: Improper register access control in ASP may allow a privileged attacker to perform unauthorized acce...

7.9CVSS6.4AI score0.00601EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2026/02/19 1:28 a.m.9 views

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/18 7:30 p.m.6 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 10:18 p.m.6 views

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS5.8AI score0.00207EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 9:49 p.m.6 views

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS5.5AI score0.00207EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/17 9:49 p.m.4 views

CVE-2023-38005 Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[, ]

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS5.5AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 9:49 p.m.21 views

CVE-2023-38005

CVE-2023-38005 affects IBM Cloud Pak System versions 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0. An authenticated user could perform unauthorized tasks due to improper access controls (CWE-284). IBM’s bulletin combines this with CVE-2023-38265; the base score for CVE-2023-38005 is 4.3 (Mediu...

4.3CVSS5.5AI score0.00207EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/17 9:49 p.m.32 views

CVE-2023-38005 Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[, ]

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 8:22 p.m.5 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS5.7AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2026/02/17 8:22 p.m.14 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS0.00206EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 7:6 p.m.5 views

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder