Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

CVE-2025-47285

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, concat may skip evaluation of side effects when the length of an argument is zero. This is due to a fastpath in the implementation which skips evaluation of argument expressions...

Security Bulletin: IBM Security Verify Directory products have multiple security vulnerabilities (CVE-2022-33164, CVE-2022-33168, CVE-2022-33161, CVE-2022-32755)

Summary Several vulnerabilities have been addressed in IBM Security Directory Server, IBM Security Directory Suite, and IBM Security Verify Directory products. Vulnerability Details CVEID:CVE-2022-33164 DESCRIPTION: IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse...

CVE-2025-25194

Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypubfederation, a framework for ActivityPub federation in Rust. This vulnerability, which is present in versions 0.6.2 and prior of activitypubfederation and versions 0.19...

PT-2025-6232 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. There is a mention of a rejected reason, but no further explanation is given...

Security Bulletin: A Security Vulnerability was discovered in IBM Runtime Environment, Java Technology Edition provided with IBM Security Directory Suite (CVE-2023-33850)

Summary A Security Vulnerability was addressed in IBM Semeru Runtime Certified Edition provided with IBM Security Verify Directory and IBM Runtime Environment, Java Technology Edition provided with IBM Security Directory Suite. Vulnerability Details CVEID:CVE-2023-33850 DESCRIPTION: IBM...

PT-2024-12511 · Unknown · The Events Calendar

Name of the Vulnerable Software and Affected Versions: The Events Calendar versions through 6.1.2.2 Description: The issue is related to missing authorization in The Events Calendar, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions...

Security Bulletin: Security Vulnerabilities discovered in IBM Security Verify Access.

Summary IBM Security Verify Access could disclose sensitive information in the snapshot file due to reuse of encryption keys. Vulnerability Details CVEID:CVE-2024-25027 DESCRIPTION: IBM Security Verify Access could disclose sensitive snapshot information due to missing encryption. CVSS Base score...

Security Bulletin: IBM Security Directory Suite has multiple vulnerabilities [CVE-2022-33163 and CVE-2022-33168]

Summary The following vulnerabilties in IBM Security Directory Suite have been addressed. Please apply the fixes shown below. CVE-2022-33163 and CVE-2022-33168 Vulnerability Details CVEID:CVE-2022-33163 DESCRIPTION: IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critic...

PT-2023-13077 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It appears to be a notification about a candidate number that is not in use...

PT-2023-12925 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about a specific vulnerability. It appears to be a notification about a rejected CVE candidate...

Security Bulletin: IBM Security Directory Integrator as shipped with IBM Security Directory Suite is affected by Apache Log4j vulnerability (CVE-2021-4104)

Summary The IBM Security Directory Integrator component of IBM Security Directory Server is affected by, but not vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4104. Apache Log4j is used as part of the logging infrastructure. IBM Security Directory Server has shipped an...

Security Bulletin: OpenSSL vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-1559)

Summary An OpenSSL vulnerability was disclosed on February 26, 2019 by the OpenSSL Project. OpenSSL, used by IBM Spectrum Control formerly Tivoli Storage Productivity Center, has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote...

PT-2021-5161 · Microsoft · Azure Rtos

Name of the Vulnerable Software and Affected Versions: Azure RTOS affected versions not specified Description: The issue exists due to insufficient input validation in the Azure RTOS operating system. Exploitation of this issue may allow an attacker to elevate their privileges. Recommendations: A...

Security Bulletin: IBM® Java™ SDK Technology Edition affects IBM Security Identity Manager Virtual Appliance (CVE-2020-14782, CVE-2020-14781)

Summary There are multiple vulnerabilities in IBM® Java™ SDK Technology Edition used by IBM Security Identity Manager Virtual Appliance. IBM Security Identity Manager Virtual Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified...

Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager Virtual Appliance (CVE-2020-4576)

Summary IBM Security Identity Manager Virtual Appliance ISIM VA has addressed the following vulnerability due to a remote attacker's ability to obtain sensitive information with a specially-crafted sequence of serialized objects. This vulnerability is in IBM WebSphere Application Server, which is...

Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager (CVE-2019-4561)

Summary IBM Security Identity Manager ISIM has addressed the following vulnerability due to a remote attacker's ability to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2019-4561 DESCRIPTION: IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute...

Security Bulletin: Speculative Store Bypass (SSB) vulnerability also known as SpectreNG or Variant 4 affects IBM Spectrum Protect Plus (CVE-2018-3639)

Summary IBM Spectrum Protect Plus may be affected by the Speculative Storage Bypass SSB vulnerability which is also known as SpetreNG or Variant 4. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Security Directory Integrator (CVE-2018-2800, CVE-2018-2783)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition Version 7.0 and Version 8.0 that is used by Security Directory Integrator. These issues were disclosed as part of the IBM Java SDK updates in Oct 2018 and Jan 2019 Vulnerability Details CVEID:...

Security Bulletin: Multiple DB2 vulnerabilities affect IBM Spectrum Protect (formerly Tivoli Storage Manger) Server (CVE-2017-1434, CVE-2017-1438, CVE-2017-1439, CVE-2017-1451, CVE-2017-1452)

Summary IBM Spectrum Protect formerly Tivoli Storage Manager Server is affected by multiple IBM DB2 vulnerabilities that could allow exposure of sensitive information to the local user or elevation of privileges. Vulnerability Details CVEID: CVE-2017-1434 DESCRIPTION: IBM DB2 for Linux, UNIX and...