Lucene search
K

3577 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 5:40 p.m.9 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service (DoS), server-side request forgery (SSRF) protections, leak or corrupt request data, and security by-pass due to the use of Eclipse Jetty

Summary Eclipse Jetty in Apache Solr, and Apache ZooKeeper is used by IBM Operations Analytics - Log Analysis as Solr's HTTP endpoints and admin UI, and on Zookeeper as AdminServer HTTP interface. CVE-2024-8184, CVE-2024-6763, CVE-2024-13009, CVE-2025-11143 Vulnerability Details CVEID:CVE-2024-81...

7.2CVSS6.9AI score0.01037EPSS
Exploits1Affected Software1
Veracode
Veracode
added 2026/03/31 9:31 a.m.4 views

Improper Input Validation

github.com/eclipse/paho.mqtt.golang is vulnerable to improper input validation. The vulnerability is due to unsafe conversion of string length from int32/int64 to int16 without overflow checks, which allows an attacker to craft oversized UTF-8 inputs that cause packet corruption or unintended dat...

6.3CVSS7.2AI score0.00197EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/30 11:0 a.m.6 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS6.9AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/30 11:0 a.m.15 views

Critical: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.17 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS7AI score0.01256EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.9 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.17 (RHSA-2026:6011)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6011 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS7.1AI score0.01256EPSS
Exploits2References15
Rapid7 Blog
Rapid7 Blog
added 2026/03/27 8:48 p.m.7 views

Metasploit Wrap-Up 03/27/2026

Better NTLM Relaying Functionality This week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with modules for relaying to HTTP ESC8, MSSQL and LDAP while still receiving connections over the humble SMB service. Prior to this release, clien...

9.8CVSS7.3AI score0.00447EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/03/27 1:57 p.m.9 views

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code VS Code extension to pass the vetting process and go live in the registry. "The pipeline had a single boolea...

6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:47 a.m.7 views

Security Bulletin: IBM Storage Protect Server is affected by a vulnerability in the Eclipse Jetty web server library that could lead to request data corruption or leakage between sessions (CVE-2024-13009).

Summary IBM Storage Protect Server uses the Eclipse Jetty web server library in certain components. Jetty is vulnerable to improper handling of malformed gzip requests, which may lead to request data corruption or inadvertent leakage of request data between sessions under certain conditio...

7.2CVSS7.1AI score0.00432EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.12 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7267689)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7267689 advisory. - In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names o...

9.8CVSS6.3AI score0.00864EPSS
Exploits1References6
Metasploit
Metasploit
added 2026/03/25 6:58 p.m.207 views

Eclipse Che machine-exec Unauthenticated RCE

This module exploits an unauthenticated remote code execution vulnerability in the Eclipse Che machine-exec service CVE-2025-12548. The machine-exec service, exposed on port 3333 within Red Hat OpenShift DevSpaces developer workspace containers, accepts WebSocket connections without authenticatio...

9CVSS6.6AI score0.01164EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-28108

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.132.Final and versions prior to 4.2.10.Final Description Netty, an asynchronous, event-driven network application framework, is susceptible to a Denial of Service DoS attack. A remote user can exploit this by sendin...

9.8CVSS5.9AI score0.01125EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-28107

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.132.Final and 4.2.10.Final Description Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Specifically, Netty terminates chunk header...

8.7CVSS5.8AI score0.01125EPSS
Exploits1References490
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:25 p.m.6 views

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM Java: Buffer overflow vulnerability in OMR allows denial-of-service

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

9.8CVSS6.2AI score0.00491EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 11:41 a.m.5 views

Security Bulletin: SOAR App Host is using a component with a known vulnerability (CVE-2026-1188)

Summary IBM SOAR App Host uses an older version of the OMR component in OpenJ9 JVM that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 1.15.7.0 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTIO...

9.8CVSS7.5AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 7:32 a.m.5 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT serve...

7.5CVSS6.6AI score0.00827EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/18 1:54 p.m.7 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS6.8AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/18 1:19 p.m.6 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS6.8AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/18 1:19 p.m.6 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.02772EPSS
Exploits4References13
RedHat Linux
RedHat Linux
added 2026/03/18 1:17 p.m.4 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS6.8AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/18 1:17 p.m.10 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.02772EPSS
Exploits4References13
Rows per page
Query Builder