Lucene search
K

51 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 1:54 a.m.71 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...

9.3CVSS10AI score0.87806EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:39 a.m.46 views

Security Bulletin: Multiple vulnerabilities in DITA, Apache Batik, Apache FOP may affect IBM Business Automation Workflow and IBM Case Manager

Summary IBM Business Automation Workflow and IBM Case Manager packages DITA for documentation generation in Case Management. Multiple CVEs have been reported for open source libraries repackaged in DITA. A few of the same open source libraries, such as Apache Batik and Apache FOP, are also used f...

9.8CVSS8.4AI score0.24738EPSS
Exploits5Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 3:21 p.m.19 views

Security Bulletin: Multiple Security Vulnerabilities in Google Guava Affects IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities from Google Guava Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and...

7.1CVSS5.8AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.31 views

Security Bulletin: IBM Maximo Application Suite uses jsonata-1.8.6 which is vulnerable to CVE-2024-27307, CVE-2022-34169, CVE-2023-20861, CVE-2023-3635, CVE-2018-10237, CVE-2023-33201, CVE-2023-33202, CVE-2023-45288, CVE-2023-20863

Summary IBM Maximo Application Suite uses jsonata-1.8.6 which is vulnerable to CVE-2024-27307, CVE-2022-34169, CVE-2023-20861, CVE-2023-3635, CVE-2018-10237, CVE-2023-33201, CVE-2023-33202, CVE-2023-45288, CVE-2023-20863. This bulletin contains information regarding the vulnerability and its...

9.8CVSS9.1AI score0.91969EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 7 : guava (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to caus...

5.9CVSS7.3AI score0.05119EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/08 8:38 a.m.27 views

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager is vulnerable to a denial of service due to vulnerability in Guava: Google Core Libraries for Java

Summary ICU4J Library used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2018-10237 Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and...

5.9CVSS6.1AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/05 12:37 p.m.76 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a remote attacker and denial of service due to Guava (CVE-2020-8908, CVE-2018-10237).

Summary IBM App Connect Enterprise toolkit and IBM Integration Bus toolkit are vulnerable to a remote attacker and denial of service due to Guava CVE-2020-8908, CVE-2018-10237. The resolving fix includes Guava version =31.1 Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow ...

5.9CVSS6.1AI score0.05119EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:13 p.m.54 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2018-10237)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the...

5.9CVSS6AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 6:38 p.m.36 views

Security Bulletin: IBM Storage Protect Server is vulnerable to attacks due to Google guava (CVE-2020-8908, CVE-2018-10237)

Summary Google guava is used by IBM Storage Protect and may be affected by these vulnerabilities. Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in...

5.9CVSS6.2AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/20 10:31 a.m.37 views

Security Bulletin: IBM Security Verify Governance is vulnerable to denial of service and security bypass (CVE-2018-10237, CVE-2020-8908)

Summary IBM Security Verify Governance is vulnerable to a denial of service and security restrictions bypass within Google Guava. The product has upgraded the affected package. Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by...

5.9CVSS6.1AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/19 12:39 p.m.98 views

Security Bulletin: Multiple Vulnerabilities of Guava Google Core Libraries have affected APM Synthetic Playback Agent

Summary APM Synthetic Playback Agent is vulnerable to Google Guava CVE-2020-8908 and CVE-2018-10237. The fix includes Google Guava upgraded to guava-30.0-jre. Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow a remote authenticated attacker to bypass security restrictions,...

5.9CVSS6.1AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.32 views

Security Bulletin: A Google Guava vulnerability affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-10237)

Summary A Google Guava vulnerability affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2018-10237. Please see below for information on how to remediate this issue. Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service,...

5.9CVSS6AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 7:55 p.m.65 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908)

Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted...

5.9CVSS5.8AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:59 p.m.45 views

Security Bulletin: Potential denial of service in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-10237)

Summary There is a potential denial of service with the Google Guava library that is used in WebSphere Application Server. This can affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a...

5.9CVSS6.8AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:30 p.m.53 views

Security Bulletin: IBM Security Guardium Insights is affected by components with known vulnerabilities (CVE-2018-10237, CVE-2020-9488)

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sendin...

5.9CVSS1.1AI score0.08096EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/16 7:3 a.m.74 views

Security Bulletin: A vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-10237)

Summary A vulnerability on unbounded memory allocation was addressed by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and...

5.9CVSS1.2AI score0.05119EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/18 2:21 p.m.18 views

Security Bulletin: Vulnerability in Google Guava affects WebSphere Service Registry and Repository (CVE-2018-10237)

Summary A vulnerability in Google Guava affects WebSphere Service Registry and Repository. This issue is also addressed by WebSphere Application Server shipped with WebSphere Service Registry and Repository. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a...

5.9CVSS1.6AI score0.05119EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/15 8:35 p.m.8 views

org.eclipse.hudson.plugins:hudson-plugin-parent (>=3.3.1 <=3.3.3), org.eclipse.hudson.stapler:stapler-core (>=3.0.4 <=3.0.6) +10 more potentially affected by CVE-2018-10237 via org.hudsonci.lib.guava:guava (>=14.0.1-h-1 <=14.0.1-h-3)

org.hudsonci.lib.guava:guava MAVEN version =14.0.1-h-1, =3.3.1, =3.0.4, =3.0.4, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =4.5.0, =4.6.0 Source cves: CVE-2018-10237 Source advisory: OSV:GHSA-MVR2-9PJ6-7W5J...

5.9CVSS6.8AI score0.05119EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/06/15 4:13 p.m.106 views

Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 13 security update

This is a security update for JBoss EAP Continuous Delivery 13.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS6.9AI score0.37925EPSS
Exploits7References6
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/06 12:2 p.m.22 views

Security Bulletin: Vulnerability in Google Guava affects IBM Cloud Pak System (CVE-2018-10237)

Summary There is a potential denial of service with the Google Guava library that is used in IBM Cloud Pak System. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of...

5.9CVSS1.2AI score0.05119EPSS
Exploits0Affected Software1
Rows per page
Query Builder