Lucene search
K

57 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 4:12 p.m.4 views

Security Bulletin: Vulnerability in github.com/jackc/pgx/v5 bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Content-Aware Storage include github.com/jackc/pgx/v5. It is vulnerable to memory-safety vulnerability. CVE-2026-33816 Vulnerability Details CVEID:CVE-2026-33816 DESCRIPTION: Memory-safety vulnerability in github.com/jackc/pgx/v5. CVSS Source: CISA A...

9.8CVSS5.8AI score0.00561EPSS
Exploits0Affected Software2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ceph

IBM Spectrum Fusion HCI versions 2.5.2 through 2.7.2 may allow attackers to perform unauthorized actions in the RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807...

9.8CVSS6.8AI score0.02539EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 1:55 p.m.4 views

Security Bulletin: Multiple Vulnerabilities in NLTK bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the Natural Language Toolkit NLTK library, which is susceptible to several critical security vulnerabilities. These flaws could allow a remote attacker to execute arbitrary code, perform arbitrary file reads via path...

10CVSS6.8AI score0.00924EPSS
Exploits9Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 12:16 p.m.9 views

Security Bulletin: Vulnerability in Python-Multipart bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage

Summary IBM Fusion Content-Aware Storage includes the python-multipart library, which is susceptible to a Path Traversal vulnerability. This flaw exists when specific non-default configuration options, such as UPLOADKEEPFILENAME=True, are utilized. A remote attacker could exploit this vulnerabili...

8.6CVSS5.7AI score0.02228EPSS
Exploits5Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:58 a.m.10 views

Security Bulletin: Vulnerability in pypdf bundled with IBM Fusion, IBM Fusion HCI and Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage include pypdf which could cause infinite loop vulnerability. CVE-2026-24688. Vulnerability Details CVEID:CVE-2026-24688 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop...

5.1CVSS5.7AI score0.00388EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:55 a.m.17 views

Security Bulletin: Vulnerability in google.protobuf with IBM Fusion, IBM Fusion HCI and Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage includes google.protobuf, which could cause denial-of-service DoS vulnerability. CVE-2026-0994. Vulnerability Details CVEID:CVE-2026-0994 DESCRIPTION: A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict ...

8.2CVSS6.6AI score0.00613EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 10:46 a.m.18 views

Security Bulletin: Vulnerability in DiskCache with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage includes DiskCache python-diskcache. Following vulnerability can achieve arbitrary code execution. CVE-2025-69872. Vulnerability Details CVEID:CVE-2025-69872 DESCRIPTION: DiskCache python-diskcache through 5.6.3 uses Python...

9.8CVSS7.8AI score0.0051EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:4 a.m.10 views

Security Bulletin: Vulnerability in golang.org/x/crypto bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage include golang.org/x/crypto which could cause early termination of client process. CVE-2025-47913. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response...

7.5CVSS5.9AI score0.00591EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/21 12:44 a.m.7 views

Security Bulletin: IBM Fusion HCI is vulnerable to potential container escapes

Summary An OpenShift or Fusion administrator, or potentially an attacker who gains access to a certain Storage Fusion containers, can gain access to underlying node linux capabilities, increasing the possibility of a container escape such as CVE-2022-0185. Vulnerability Details CVEID:CVE-2022-018...

8.4CVSS6.6AI score0.25151EPSS
Exploits11Affected Software2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28994

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00351EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19876

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-55677

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00497EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 6:18 p.m.27 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion

Summary Multiple vulnerabilities affecting IBM Fusion and IBM Fusion HCI could have resulted in reduced security. These issues have since been resolved. CVE-2025-36222, CVE-2025-47273, CVE-2025-26791, CVE-2025-22870, CVE-2025-27817, CVE-2024-31141, CVE-2025-27818, CVE-2024-47081, CVE-2025-48379,...

9.8CVSS8.3AI score0.62368EPSS
Exploits12Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 6:16 p.m.5 views

Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to the Use of Insufficiently Random Values due to form_data.Js (CVE-2025-7783)

Summary The Data Cataloging Service in IBM Fusion and IBM Fusion HCI uses the formdata.js package which is vulnerable to the use of insufficiently random values which allows an attacker to deduce the state of the pseudo-random number generator in formdata and to craft payloads that include...

9.4CVSS6.7AI score0.01735EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 6:9 p.m.3 views

Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to cross-site scripting due to DOMPurify (WS-2024-0017)

Summary The Fusion Web UI uses DOMPurify which is vulnerable to an attacker bypassing sanitizers and executing JavaScript code. WS-2024-0017 Vulnerability Details WSID: WS-2024-0017 DESCRIPTION: Insufficient checks in DOMPurify allows an attacker to bypass sanitizers and execute arbitrary...

6.8AI score
Exploits0Affected Software3
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.2 views

IBM多款产品 安全漏洞

IBM Fusion and others are a hybrid cloud application data platform from International Business Machines IBM. A security vulnerability exists in various IBM products that stems from the use of insecure default configurations that could lead to an attacker performing unauthorized operations. The...

9.8CVSS6.3AI score0.00351EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/17 5:43 p.m.9 views

Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to request smuggling due to python package h11 (CVE-2025-43859)

Summary The python package h11 is used by IBM Fusion and IBM Fusion HCI as part of the Content Aware Storage service and the Backup and Restore service agent and is vulnerable to request smuggling under certain conditions due to CVE-2025-43859 in h11. Vulnerability Details CVEID:CVE-2025-43859...

9.1CVSS6.7AI score0.00522EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/31 2:7 p.m.25 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion HCI and IBM Fusion HCI for watsonx

Summary Multiple vulnerabilities affecting IBM Fusion HCI and IBM Fusion HCI for watsonx could have resulted in reduced security. These issues have since been resolved. CVE-2023-5115, CVE-2023-5764, CVE-2024-9902, CVE-2024-8775, CVE-2024-11079, CVE-2024-9506, CVE-2024-43799, CVE-2024-6119,...

9.8CVSS9.6AI score0.66594EPSS
Exploits6Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:23 a.m.28 views

Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to lack of egress restriction

Summary IBM Fusion and IBM Fusion HCI are vulnerable to allowing data to be sent to the external network due to the lack of egress restriction. CVE-2024-22315. Vulnerability Details CVEID:CVE-2024-22315 DESCRIPTION: IBM Storage Fusion is vulnerable to insecure network connection by allowing an...

6.5CVSS4.1AI score0.00218EPSS
Exploits0Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.5 views

The vulnerability of the high-convergence infrastructure of IBM Storage Fusion HCI arises from insufficient channel restrictions for specific endpoints, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the high-convergence infrastructure of IBM Storage Fusion HCI lies in the insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

4CVSS5.5AI score0.00218EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder