Lucene search
K

18 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 4:33 p.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM Event Endpoint Management.

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management 11.7.3 Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a Rea...

9.2CVSS6.1AI score0.00743EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 5:50 a.m.5 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to unauthorized access

Summary IBM Event Endpoint Management is vulnerable to unauthorized access due to improper restriction of hidden directories CVE-2025-11965 Vulnerability Details CVEID:CVE-2025-11965 DESCRIPTION: In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, a StaticHandler configuration for...

7.5CVSS5.8AI score0.00459EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/10 7:18 a.m.11 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to improper input validation( CVE-2025-12758)

Summary IBM Event Endpoint Management is vulnerable to improper input validation due to incorrect Unicode string length calculation. Vulnerability Details CVEID:CVE-2025-12758 DESCRIPTION: Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More...

8.7CVSS5.8AI score0.00454EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 7:39 a.m.8 views

Security Bulletin:IBM Event Endpoint Management is vulnerable to Sensitive Information Leakage and Request Smuggling (CVE-2025-4673,CVE-2025-22871)

Summary Operator of IBM Event Endpoint Management is vulnerable to Sensitive Information Leakage and Request Smuggling due to apache HTTP pomponents. IBM Event Endpoint Management uses HTTP components to expose secure event APIs via its Event Gateway, enabling client applications to interact with...

9.1CVSS6.6AI score0.00778EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 7:33 a.m.4 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to Remote Code Execution and Server-Side Request Forgery attacks (CVE-2025-27818,CVE-2025-27817)

Summary Operator of IBM Event Endpoint Management is vulnerable to remote code execution and server-side request forgery due to unsafe deserialization and misconfigured OAuthBearer endpoints in SASL JAAS configuration. Vulnerability Details CVEID:CVE-2025-27818 DESCRIPTION: A possible security...

8.8CVSS7.9AI score0.62368EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 7:32 a.m.3 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to HTTP Parameter Pollution (HPP) attack (CVE-2025-7783)

Summary Operator of IBM Event Endpoint Management is vulnerable to an HTTP Parameter Pollution HPP attack due to the use of random values in the form-data module. This vulnerability affects how data from HTML forms is processed, particularly during form submission or when interacting with event...

9.4CVSS6.6AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/15 9:39 a.m.8 views

Security Bulletin: IBM Event Endpoint Management is affected by multiple vulnerabilities.

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management v11.6.3. Vulnerability Details CVEID:CVE-2025-30698 DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to cause low confidentiality, low integrity and low...

5.6CVSS5.9AI score0.0095EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 10:1 a.m.4 views

Security Bulletin: IBM Event Endpoint Management is affected by multiple vulnerabilities.

Summary IBM Event Endpoint Management is affected by multiple vulnerabilities. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact...

7.5CVSS6.3AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/01 10:22 a.m.11 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a Cross-site scripting (XSS) attack (CVE-2024-11831).

Summary IBM Event Endpoint Management is vulnerable to a Cross-site scripting XSS attack due to a flaw in npm-serialize-javascript. It is used for safely serialize complex JavaScript objects for storage or transmission. Vulnerability Details CVEID:CVE-2024-11831 DESCRIPTION: A flaw was found in...

5.4CVSS6.1AI score0.01081EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 3:24 a.m.9 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a Directory Traversal (or path traversal) attack (CVE-2024-21540).

Summary Operator of IBM Event Endpoint Management is vulnerable to a Directory Traversal or path traversal attack due to the source-map-support library. It helps to show original source code in error stack traces for better debugging. Vulnerability Details CVEID:CVE-2024-21540 DESCRIPTION: All...

6.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 11:48 a.m.24 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Endpoint Management

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management version 11.3.2 Vulnerability Details CVEID:CVE-2024-47176 DESCRIPTION: OpenPrinting cups-browsed could allow a remote attacker to obtain sensitive information, caused by the binding on UDP INADDRANY:631 and trusting...

9.8CVSS9.9AI score0.76959EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:48 a.m.14 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Endpoint Management

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management version 11.3.1 Vulnerability Details CVEID:CVE-2024-47561 DESCRIPTION: Apache Avro could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in schema parsing in the Java...

9.2CVSS8AI score0.03256EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/25 5:20 a.m.24 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service attack (CVE-2023-51074).

Summary IBM Event Endpoint Management is vulnerable to a denial of service due to json-path component, caused by a stack-based buffer overflow in the Criteria.parse method.It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...

5.3CVSS5.7AI score0.0067EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/16 8:14 a.m.36 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service (CVE-2023-4043).

Summary IBM Event Endpoint Management is vulnerable to a denial of service due to parsson-1.1.2.jar component. Parsson is an implementation of Jakarta JSON Processing specification. Vulnerability Details CVEID:CVE-2023-4043 DESCRIPTION: Eclipse Parsson is vulnerable to a denial of service, caused...

7.5CVSS6.4AI score0.00764EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 9:24 a.m.25 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a man-in-the-middle (MITM) attack due to the Hot Rod Client (CVE-2023-4586).

Summary Operator of IBM Event Endpoint Management is vulnerable to a man-in-the-middle MITM attack in Netty-handler-4.1.94.Final.jar in the Hot Rod client. Hot Rod is a binary, platform-independent protocol that was developed in the open as a part of Infinispan. Infinispan is as a shared store fo...

7.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 10:32 p.m.39 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service in Netty (CVE-2023-44487)

Summary Operator of IBM Event Endpoint Management is vulnerable to a denial of service in Netty 4.1.94 CVE-2023-44487 Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling multiplexed streams in the HTTP/2...

7.5CVSS7.7AI score0.99999EPSS
Exploits19Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 2:34 a.m.24 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service

Summary Operator of IBM Event Endpoint Management is vulnerable to an unauthorized endpoint access and possibly a denial of service. CVE-2023-4853 Vulnerability Details CVEID: CVE-2023-4853 DESCRIPTION: Quarkus could allow a remote attacker to bypass security restrictions, caused by improper...

8.1CVSS6.6AI score0.01215EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 2:32 a.m.21 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service

Summary Operator of IBM Event Endpoint Management is vulnerable to a denial of service of the Okio client CVE-2023-3635 Vulnerability Details CVEID: CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip...

7.5CVSS6.6AI score0.01254EPSS
Exploits1Affected Software1
Rows per page
Query Builder