Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9319)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability when using JAX-WS endpoints with WS-Security. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an identity spoofing vulnerability (CVE-2026-3621)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an identity spoofing vulnerability when the appSecurity feature appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0 is not enabled on the serve...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a prototype pollution vulnerability in the immutable library with the openapi-3.0, openapi-3.1, mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, mpOpenAPI-3.0 mpOpenAPI-3.1,...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service vulnerability due to jose4j (CVE-2024-29371)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service vulnerability due to jose4j. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20054

Cisco CVE-2026-20054 affects Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an SMTP injection vulnerability due to Jakarta Mail (CVE-2025-7962)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an SMTP injection vulnerability in the Jakarta Mail library with the javaMail-1.5, javaMail-1.6, mail-2.0, or mail-2.1 feature enabled. Vulnerability Details Refer to the securit...

EUVD-2010-0168

Malware in sbrugna...

EUVD-1999-0384

Malware in sbrugna...

EUVD-2000-0593

Malware in sbrugna...

EUVD-2011-1020

Malware in sbrugna...

EUVD-2012-1864

Malware in sbrugna...

EUVD-2021-1574

Malware in sbrugna...

EUVD-2021-29270

Malicious code in bioql PyPI...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security due to crypto.js (CVE-2020-36732)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability in the crypto.js library with the openidConnectServer-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a security bypass vulnerability (CVE-2024-56339)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a security bypass caused by a failure to honor security configuration. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service (CVE-2025-36097)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions| Affectin...