Lucene search
+L

395 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/30 8:59 a.m.15 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in axios (CVE-2026-25639)

Summary A Denial of Service vulnerability in the axios library CVE-2026-25639 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading the library to version 1.15.0. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

7.5CVSS6.9AI score0.025EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 6:11 a.m.7 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in requests (CVE-2024-47081)

Summary A vulnerability in the requests library CVE-2024-47081 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading to version 2.32.5. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to...

5.3CVSS5.7AI score0.00845EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 12:10 p.m.9 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All...

7.5CVSS5.7AI score0.0106EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/18 6:5 p.m.17 views

Security Bulletin: IBM OpenPages fixes multiple Spring vulnerabilities

Summary Multiple vulnerabilities on Spring library with have been addressed in the latest IBM OpenPages fixpack for 9.0 and 9.1 Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type...

7.5CVSS6.6AI score0.01916EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/17 5:14 p.m.6 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest fixpack Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D...

9.4CVSS6AI score0.01735EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/06 7:37 a.m.4 views

Security Bulletin: IBM OpenPages fixes multer package vulnerability (CVE-2025-7338)

Summary Vulnerability in the multer-2.0.1.tgz package with IBM OpenPages has been addressed in the latest IBM OpenPages fix pack version for 9.0 and 9.1 Vulnerability Details CVEID:CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is...

7.5CVSS6.7AI score0.00649EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/08 1:25 p.m.11 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tar-fs-1.16.4.tgz CVE-2025-48387

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to tar-fs-1.16.4.tgz CVE-2025-48387. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48387 DESCRIPTION: tar-fs provides filesystem bindings for tar-stream. Versio...

8.7CVSS6.8AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/15 2:29 p.m.9 views

Security Bulletin: IBM MQ for HPE NonStop Server is affected by denial of service vulnerability (CVE-2025-23225)

Summary IBM MQ for HPE NonStop Server has addressed a denial of service vulnerability CVE-2025-23225, when a message without an MQXQH header is put to an XMITQ. Vulnerability Details CVEID:CVE-2025-23225 DESCRIPTION: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to...

6.5CVSS6.3AI score0.00408EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/13 7:17 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

7.5CVSS7.1AI score0.02112EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/05 6:32 a.m.22 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to a possible denial-of- service for Python-idna CVE-2024-3651

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to a possible denial-of- service for Python-idna CVE-2024-3651. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna could allow a local user to...

7.5CVSS6.5AI score0.01386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:3 a.m.20 views

Security Bulletin: CVE-2018-10886 ant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory.

Summary ant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the privileges of the user running Ant. Vulnerability Details...

7.3AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/01 10:40 a.m.18 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to next-12.3.4.tgz CVE-2024-51479

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to next-12.3.4.tgz CVE-2024-51479. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-51479 DESCRIPTION: Next.js is a React framework for building full-stack web...

7.5CVSS6.8AI score0.03961EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 8:22 a.m.11 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tornado-6.3.3-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl CVE-2024-52804

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to tornado-6.3.3-cp38-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl CVE-2024-52804. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

7.5CVSS7AI score0.01051EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/10 12:59 p.m.6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to nanoid-3.3.7.tgz CVE-2024-55565

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to nanoid-3.3.7.tgz CVE-2024-55565. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-55565 DESCRIPTION: nanoid aka Nano ID before 5.0.9 mishandles non-integer...

4.3CVSS4.6AI score0.00679EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.13 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to joblib-1.1.1-py2.py3-none-any.whl CVE-2024-34997

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to joblib-1.1.1-py2.py3-none-any.whl CVE-2024-34997. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-34997 DESCRIPTION: joblib could allow a local authenticated...

7.5CVSS7.2AI score0.00664EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.23 views

Security Bulletin: IBM Maximo Application Suite: certifi-2023.7.22-py3-none-any.whl is vulnerable to CVE-2024-39689 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector is vulnerable to certifi-2023.7.22-py3-none-any.whl CVE-2024-39689. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide...

7.5CVSS6.2AI score0.01049EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Web Application Source Code Disclosure Pattern Found (Low) CVE-2024-35144

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Web Application Source Code Disclosure Pattern Found Low CVE-2024-35144. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-35144 DESCRIPTION: IBM Maximo...

5.3CVSS6.6AI score0.00295EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.26 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Missing or Insecure "Frame-Ancestors" policy in "Content-Security-Policy" header CVE-2024-39338

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Missing or Insecure "Frame-Ancestors" policy in "Content-Security-Policy" header CVE-2024-35145. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-35145...

7.5CVSS6.8AI score0.01414EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.35 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to micromatch-4.0.5.tgz CVE-2024-4067

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to micromatch-4.0.5.tgz CVE-2024-4067. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-4067 DESCRIPTION: Node.js micromatch module is vulnerable to a denial of...

5.3CVSS6.6AI score0.01429EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM Maximo Application Suite - Ai-Broker Component component uses nltk-3.8.1-py3-none-any.whl which is vulnerable to this CVE-2024-39705

Summary Security Bulletin: IBM Maximo Application Suite - Ai-Broker Component component uses nltk-3.8.1-py3-none-any.whl which is vulnerable to this CVE-2024-39705 Vulnerability Details CVEID:CVE-2024-39705 DESCRIPTION: Natural Language Toolkit NLTK could allow a remote attacker to execute...

9.8CVSS7.5AI score0.01346EPSS
Exploits0Affected Software1
Rows per page
Query Builder