Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/06 3:0 p.m.5 views

Security Bulletin: IBM WebSphere Application Server is affected by a denial of service by IBM Master Data Management (CVE-2025-36097)

Summary IBM Master Data Management version 11.6, 12.0 and 14.0 are impacted by vulnerability in WebSphere Application Server which could create a denial of service caused by a stack-based overflow. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and...

7.5CVSS5.9AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 7:26 a.m.7 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component...

7.5CVSS6.4AI score0.00399EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 1:39 a.m.31 views

Security Bulletin: Security vulnerabilities have been discovered in IBM Verify Identity Access and IBM Security Verify Access

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate differe...

7.5CVSS7AI score0.64718EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 9:42 a.m.10 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by a denial of service in glassfish jso np and vulnerable to CVE-2025-36097. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS6.7AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:41 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to CVE-2025-36097, CVE-2025-7783, CVE-2025-25193, CVE-2025-47278, CVE-2025-23184, CVE-2025-22872 and CVE-2024-56339...

9.4CVSS6.6AI score0.01941EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/01 4:58 p.m.5 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by a denial of service due to JSON-P Java API

Summary JSON-P java api is used by IBM Operations Analytics - Log Analysis as part of converting plain Java objects to and from JSON data in WebSphere Application Server Liberty. CVE-2025-36097. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and...

7.5CVSS6.9AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/09 5:14 p.m.6 views

Security Bulletin: Vulnerabilities in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard (CVE-2025-36097 and CVE-2024-56339)

Summary There are vulnerabilities in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard CVE-2025-36097 and CVE-2024-56339. An update to IBM CICS TX Standard has been released to address these. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9....

7.5CVSS7.1AI score0.004EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/09 5:8 p.m.8 views

Security Bulletin: Vulnerabilities in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms (CVE-2025-36097 and CVE-2024-56339).

Summary There are vulnerabilities in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms CVE-2025-36097 and CVE-2024-56339. An update to IBM TXSeries for Multiplatforms has been released to address these. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere...

7.5CVSS7.1AI score0.004EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/04 9:5 a.m.6 views

Security Bulletin: The IBM Engineering Test Management product using WebSphere Application Server is affected by a denial of service with glassfish jsonp (CVE-2025-36097)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service. This affects WebSphere Liberty with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. It has been addressed in this bulletin. Vulnerability Details Refer to the security...

7.5CVSS8.6AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/01 5:30 a.m.5 views

Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server Liberty is affected by a denial of service in glassfish jsonp (CVE-2025-36097)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service. This affects WebSphere Liberty with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attac...

7.5CVSS8.8AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/21 4:16 p.m.6 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager version 4.2. Information about multiple security vulnerabilities affecting IBM WebSphere Application Server have been addressed CVE-2025-36097,CVE-2024-56339 Vulnerability Details Refer to the security...

7.5CVSS7.1AI score0.004EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/28 8:54 p.m.5 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service (CVE-2025-36097)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS6.8AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/22 6:5 p.m.6 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with WebSphere Remote Server, are affected by a denial of service (CVE-2025-36097)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...

7.5CVSS6.8AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/21 2:10 p.m.9 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed WebSphere Application Server is affected by a denial of service with glassfish jsonp (CVE-2025-36097)

Summary WebSphere Application Server is included as part of IBM Tivoli Composite Application Manager for Application Diagnostics and has affected by a denial of service with glassfish jsonp CVE-2025-36097 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

7.5CVSS6.9AI score0.00399EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.6 views

CVE-2025-36097

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources...

7.5CVSS6.3AI score0.00399EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/07/17 12:0 a.m.6 views

IBM WebSphere Application Server 9.x < 9.0.5.25 / Liberty 17.0.0.3 < 25.0.0.8 DoS (7239856)

The version of IBM WebSphere Application Server running on the remote host is affected by a DoS vulnerability as referenced in the 7239856 advisory. - IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service,...

7.5CVSS6.6AI score0.00399EPSS
Exploits0References2
CVE
CVE
added 2025/07/16 5:44 p.m.51 views

CVE-2025-36097

CVE-2025-36097 affects IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7. The issue is a stack-based overflow in the server when processing specially crafted requests, leading to denial of service by consuming memory resources. The vulnerabili...

7.5CVSS6.5AI score0.00399EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/16 5:44 p.m.5 views

CVE-2025-36097 IBM WebSphere Application Server denial of service

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources...

7.5CVSS7AI score0.00399EPSS
Exploits0References1
Circl
Circl
added 2025/07/16 4:25 p.m.8 views

CVE-2025-36097

creationtimestamp| type| source ---|---|--- 2025-07-16 16:25:05+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lu3texeaya2b 2025-07-16 16:40:05+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lu3u7rkyfj27 2025-07-16 16:50:04+00:00| seen|...

7.5CVSS4.7AI score0.00399EPSS
Exploits0References4
Rows per page
Query Builder