Lucene search
K

59 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/09/16 4:32 p.m.39 views

Security Bulletin: Vulnerability in Netty affects watsonx.data

Summary Netty is vulnerable to a denial of service. For CVE-2019-9518, a remote attacker could cause watsonx.data to consume excessive CPU resources by sending a set of frames without an end-of-stream flag, eventually causing a denial of service condition. This would affect watsonx.data. For...

7.8CVSS8.5AI score0.25448EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/03 8:48 p.m.30 views

Security Bulletin: Vulnerabilities in Netty affect watsonx.data

Summary Netty is vulnerable to denial of service attacks and remote attack via restrictions bypass. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2015-2156 DESCRIPTION: Netty could allow a remote attacker to bypass restrictions, caused by the improper validation of characters in ...

7.8CVSS8.5AI score0.25448EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.39 views

Ubuntu 18.04 ESM : Netty vulnerabilities (USN-4866-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4866-1 advisory. It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512,...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 6:13 p.m.73 views

Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common

Summary IBM Storage Protect Server uses the http2-server and http2-common components and may be vulnerable to these attacks. Vulnerability Details CVEID:CVE-2019-9511 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS6.9AI score0.87806EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.110 views

K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518

Security Advisory Description Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or...

7.8CVSS7.9AI score0.25448EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.87806EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 8:10 p.m.45 views

Security Bulletin: Netty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9514, CVE-2019-9512, CVE-2019-9518, CVE-2019-9515)

Summary Netty denial of service vulnerabilities affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2019-9514 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker...

7.8CVSS7.8AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 8:10 p.m.50 views

Security Bulletin: WebSphere Application Server Liberty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center)

Summary Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. IBM Spectrum Control has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-4304 DESCRIPTION: IBM WebSphere Application Server -...

7.8CVSS7.2AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:59 p.m.49 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)

Summary Node.js denial of service vulnerabilities affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVE-ID: CVE-2019-9511 Description: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS7.6AI score0.87806EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2020-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.87806EPSS
Exploits4References10
Ubuntu
Ubuntu
added 2021/06/29 7:18 p.m.63 views

USN-4866-1: Netty vulnerabilities

It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518...

7.8CVSS7.7AI score0.87806EPSS
Exploits1
OSV
OSV
added 2021/06/29 7:18 p.m.6 views

USN-4866-1 netty vulnerabilities

It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518...

7.8CVSS7.1AI score0.87806EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2019:2260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2019:2254-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.63 views

CentOS 8 : nodejs:10 (CESA-2019:2925)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory. - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-5737 - HTTP/2: large amount of data requests leads to denial...

7.8CVSS7.2AI score0.87806EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/09 4:40 a.m.43 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Netty. Vulnerability Details CVEID: CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a...

7.8CVSS0.9AI score0.87806EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 7:36 p.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Plus

Summary There are multiple vulnerabilities in IBM WebSphere Application Server Liberty that may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

9.8CVSS0.8AI score0.87806EPSS
Exploits3Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.95 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.99 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
Rows per page
Query Builder