
4420 matches found

IBM Security Bulletins
added 2023/07/31 5:54 p.m. | 29 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Google PubSub nodes are vulnerable to arbitrary code execution due to [CVE-2023-36665]

Summary Node.js module protobuf.js is used by IBM App Connect Enterprise Certified Container by the Google PubSub node. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use the Google PubSub node are vulnerable to arbitrary code execution. This...

CVSS 9.8 | AI score 9.7 | EPSS 0.01422
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/07/31 5:52 p.m. | 30 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to arbitrary code execution due to [CVE-2023-29404]

Summary The IBM App Connect Enterprise Certified Container operator is written in Golang Go, as are parts of the ace-server application. IBM App Connect Enterprise Certified Container operator and operands are vulnerable to arbitrary code execution. This bulletin provides patch information to...

CVSS 9.8 | AI score 9.8 | EPSS 0.01837
Exploits: 0 | Affected Software: 1

OSV
added 2023/07/29 11:5 a.m. | 3 views

OESA-2023-1446 doxygen security update

Doxygen is the de facto standard tool for generating documentation from annotated C++ sources, but it also supports other popular programming languages such as C, Objective-C, C#, PHP, Java, Python, IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl, and to some extent D. Securit...

AI score 7.3
Exploits: 5 | References: 2

IBM Security Bulletins
added 2023/07/28 2:36 p.m. | 29 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service due to [CVE-2023-3576]

Summary libtiff is not used directly by IBM App Connect Enterprise Certified Container but is present in one of the DesignerAuthoring images. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin...

CVSS 5.5 | AI score 6 | EPSS 0.00341
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/07/28 2:35 p.m. | 29 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality and loss of integrity due to [CVE-2023-31124], [CVE-2023-31130], [CVE-2023-31147]

Summary c-ares is cross-compiled with the Node.js runtime in the Red Hat Universal Base Images used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container Dashboard and DesignerAuthoring operands are vulnerable to loss of confidentiality and loss of...

CVSS 6.5 | AI score 6.1 | EPSS 0.00936
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/07/28 2:33 p.m. | 26 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality due to [CVE-2023-2976]

Summary Google Guava is used by IBM App Connect Enterprise Certified Container by mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality. This bulletin provides patch information to addres...

CVSS 7.1 | AI score 5.9 | EPSS 0.00248
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/07/28 2:31 p.m. | 29 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and arbitrary code execution due to [CVE-2022-4904], [CVE-2023-32067]

Summary c-ares is cross-compiled with the Node.js runtime in the Red Hat Universal Base Images used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container Dashboard and DesignerAuthoring operands are vulnerable to denial of service and arbitrary code...

CVSS 8.6 | AI score 8.6 | EPSS 0.01577
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/07/28 1:39 p.m. | 50 views

Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Safer Payments

Summary OpenSSL is used by IBM Safer Payments as part of all secure network communications. These are addressed. Vulnerability Details CVEID: CVE-2023-0466 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the X509_VERIFY_PARAM_add0_policy function...

CVSS 7.5 | AI score 7 | EPSS 0.73461
Exploits: 0 | Affected Software: 1

Circl
added 2023/07/28 12:29 p.m. | 7 views

CVE-2023-3990

creationtimestamp | type | source
---|---|---
2023-07-28 12:29:15+00:00 | seen | https://t.me/cibsecurity/67359
2024-12-05 13:57:04+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-3990.yaml...

CVSS 6.1 | AI score 5.8 | EPSS 0.01365
Exploits: 1 | References: 2

IBM Security Bulletins
added 2023/07/27 4:1 p.m. | 46 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to privilege escalation due to [CVE-2023-29403]

Summary The IBM App Connect Enterprise Certified Container operator is written in Golang Go, as are parts of the ace-server application. IBM App Connect Enterprise Certified Container operator and operands are vulnerable to privilege escalation. This bulletin provides patch information to address...

CVSS 7.8 | AI score 8.5 | EPSS 0.00432
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/07/27 3:44 p.m. | 33 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to security restriction bypass due to [CVE-2023-24329]

Summary Python is used by IBM App Connect Enterprise Certified Container for mapping assistance, and is present in the images as part of the base operating system. IBM App Connect Enterprise Certified Container operands are vulnerable to security restriction bypass. This bulletin provides patch...

CVSS 7.5 | AI score 7.6 | EPSS 0.20459
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2023/07/27 3:40 p.m. | 41 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and security restriction bypass due to [CVE-2023-2283], [CVE-2023-1667]

Summary libssh is found in the IBM App Connect Enterprise Certified Container images as part of the base operating system. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and security restriction bypass. This bulletin provides patch information to addre...

CVSS 6.5 | AI score 7.2 | EPSS 0.01314
Exploits: 2 | Affected Software: 1

OpenVAS
added 2023/07/26 12:0 a.m. | 26 views

Fedora: Security Advisory for kernel-tools (FEDORA-2023-3661f028b8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.8 | AI score 8.2 | EPSS 0.02163
Exploits: 2 | References: 2

IBM Security Bulletins
added 2023/07/25 1:39 p.m. | 35 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service due to [CVE-2022-40897]

Summary Python setuptools is present in the IBM App Connect Enterprise Certified Container operand images. Python setuptools is vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Python setuptools. CVE-2022-40897 Vulnerability Detail...

CVSS 5.9 | AI score 6.3 | EPSS 0.02617
Exploits: 1 | Affected Software: 1

Wallarm Lab
added 2023/07/24 2:26 p.m. | 13 views

API Security in 2023: Major Insights from Postman’s State of the API Report

📣 Good news for all tech enthusiasts! The highly anticipated 2023 State of the API Report, conducted by Postman - one of the leading dev tools for building APIs, is now available. This comprehensive report, produced annually, is backed by an extensive survey and offers a deep dive into the...

AI score 7
Exploits: 0

Fedora
added 2023/07/23 1:30 a.m. | 23 views

[SECURITY] Fedora 38 Update: kernel-tools-6.4.4-200.fc38

This package contains the tools/ directory from the kernel source and the supporting documentation...

CVSS 7.8 | AI score 7.4 | EPSS 0.02163
Exploits: 2

Fedora
added 2023/07/23 1:25 a.m. | 24 views

[SECURITY] Fedora 37 Update: kernel-tools-6.4.4-100.fc37

This package contains the tools/ directory from the kernel source and the supporting documentation...

CVSS 7.8 | AI score 7.4 | EPSS 0.02163
Exploits: 2

Code423n4
added 2023/07/21 12:0 a.m. | 11 views

Collateralization ratio manipulation can cause a denial of service

Vulnerability details. Impact: Stablecoin redeeming and profit accruing in the SavingsVest contract can be blocked when the collateralization ratio has overflown. Proof of Concept: The mitigation recommended in 31 and implemented by the sponsor in this commit doesn't resolve the root...

AI score 7
Exploits: 0

IBM Security Bulletins
added 2023/07/18 2:2 p.m. | 41 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js Request module denial of service vulnerability [CVE-2023-28155]

Summary A potential Node.js Request module denial of service vulnerability has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. CVE-2023-28155 Vulnerability Details...

CVSS 6.1 | AI score 6.3 | EPSS 0.00719
Exploits: 1 | Affected Software: 1

RedHat Linux
added 2023/07/18 7:48 a.m. | 61 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

CVSS 7.8 | AI score 6.7 | EPSS 0.12966
Exploits: 7 | References: 5