Lucene search
K

24 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/22 12:20 p.m.6 views

Security Bulletin: Vulnerability in cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-2650, CVE-2023-4807, CVE-2023-3446 ]

Summary The cryptography package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-2650, CVE-2023-4807, CVE-2023-3446 Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caus...

7.8CVSS7.6AI score0.73461EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/15 6:43 p.m.24 views

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2023 - Includes OpenJDK October 2023 CPU plus CVE-2023-4807

Summary Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2023 - Includes OpenJDK October 2023 CPU plus CVE-2023-4807. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a...

7.8CVSS7.6AI score0.014EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/03 12:44 p.m.27 views

Security Bulletin: IBM Sterling Control Center v6.2.1 and v6.3.1 is vulnerable with IBM Semeru Runtime Quarterly CPU - Oct 2023

Summary IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK October 2023 CPU plus CVE-2023-4807 and CVE-2023-5676 and affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

7.8CVSS6.3AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/09 7:8 a.m.68 views

Security Bulletin: IBM Maximo Application Suite - There is a vulnerability in Python used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2018-20225, CVE-2019-20916, CVE-2023-43804, CVE-2023-4807)

Summary There is a vulnerability in Python used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2018-20225 DESCRIPTION: Pip could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the --extra-index-url option. By...

8.1CVSS9.1AI score0.03028EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/05 10:2 p.m.38 views

Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption in the RHEL UBI (CVE-2023-2650, CVE-2023-3446, CVE-2023-4807)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-2650, CVE-2023-3446, CVE-2023-4807. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial...

7.8CVSS7.4AI score0.73461EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 4.0: Openssl PHSA-2023-4.0-0472

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0472. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References2
ICS
ICS
added 2024/07/18 6:0 a.m.23 views

Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Corporation Equipment : MELSOFT MaiLab Vulnerability : Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...

7.8CVSS8.3AI score0.00862EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/07/08 12:0 a.m.29 views

Tenable.ad < 3.59.5 Multiple Vulnerabilities (TNS-2024-11)

The version of Tenable.ad installed on the remote host is prior to 3.59.5. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-11 advisory. - The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of...

8.6CVSS7.7AI score0.87211EPSS
Exploits11References24
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.24 views

CBL Mariner 2.0 Security Update: kata-containers-cc / hvloader / kata-containers / nodejs18 (CVE-2023-4807)

The version of kata-containers-cc / hvloader / kata-containers / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4807 advisory. - Issue summary: The POLY1305 MAC message authentication co...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References2
ICS
ICS
added 2024/06/27 12:0 a.m.46 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION : Exploitable remotely Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite Vulnerabilities : Allocation of Resources Without Limits or Throttling, Improper Neutralization, Uncontrolled Search Path Element, Improper...

7.8CVSS7.3AI score0.73461EPSS
Exploits0References9
CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.23 views

CVE-2023-4807 affecting package kata-containers for versions less than 3.2.0.azl1-1

CVE-2023-4807 affecting package kata-containers for versions less than 3.2.0.azl1-1. An upgraded version of the package is available that resolves this issue...

7.8CVSS6.5AI score0.00862EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/13 8:4 p.m.39 views

Security Bulletin: IBM DataPower Gateway potentially vulnerable to a denial of service (CVE-2023-4807)

Summary IBM has addressed the CVE Vulnerability Details CVEID:CVE-2023-4807 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a state corruption flaw in the POLY1305 MAC message authentication code implementation, when running on newer X8664 processors supporting the AVX512-IFM...

7.8CVSS7.8AI score0.00862EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 1:16 p.m.31 views

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime

Summary This bulletin covers all applicable Java SE CVEs published by OpenJDK as part of their October 2023 Vulnerability Advisory, plus CVE-2023-4807 and CVE-2023-5676. For more information please refer to OpenJDK's October 2023 Vulnerability Advisory and the X-Force database entries referenced...

7.8CVSS7.5AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/15 3:1 p.m.69 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to OpenSSL and Node.js (CVE-2023-4807, CVE-2023-44487)

Summary IBM App Connect Enterprise is vulnerable to a denial of service due to OpenSSL and Node.js CVE-2023-4807, CVE-2023-44487 Vulnerability Details CVEID: CVE-2023-4807 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a state corruption flaw in the POLY1305 MAC message...

7.8CVSS7.7AI score0.99999EPSS
Exploits19Affected Software1
OpenVAS
OpenVAS
added 2023/11/02 12:0 a.m.36 views

Tenable Nessus Agent 10.4.2 Multiple Vulnerabilities (TNS-2023-38)

Tenable Nessus Agent is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessusagent";...

9.8CVSS7.7AI score0.05533EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.119 views

Tenable Nessus < 10.6.2 Multiple Vulnerabilities (TNS-2023-37)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-37 advisory. - Nessus leverages third-party software to help provide underlying functionality...

9.8CVSS6.5AI score0.02918EPSS
Exploits0References4
Node JS Blog
Node JS Blog
added 2023/10/26 12:0 a.m.47 views

OpenSSL Recent Security Patches

OpenSSL Recent Security Patches Summary For the vulnerabilities disclosed in the OpenSSL Security Advisories of: OpenSSL 3.0.11 - Tuesday 19th September 2023 OpenSSL 3.0.12 - Tuesday 24th October 2023 Node.js Windows is affected by one vulnerability rated as LOW. Therefore, these patches will be...

7.8CVSS6.4AI score0.03332EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/12 12:0 a.m.123 views

OpenSSL 1.1.1 < 1.1.1w Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1w. It is, therefore, affected by a vulnerability as referenced in the 1.1.1w advisory. - Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/12 12:0 a.m.74 views

OpenSSL 3.1.0 < 3.1.3 Vulnerability

The version of OpenSSL installed on the remote host is prior to 3.1.3. It is, therefore, affected by a vulnerability as referenced in the 3.1.3 advisory. - Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applicatio...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/12 12:0 a.m.74 views

OpenSSL 3.0.0 < 3.0.11 Vulnerability

The version of OpenSSL installed on the remote host is prior to 3.0.11. It is, therefore, affected by a vulnerability as referenced in the 3.0.11 advisory. - Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References5
Rows per page
Query Builder