Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/03 6:14 a.m.9 views

Security Bulletin: Vulnerablity in Apache Log4j may affect IBM APM Internet Service Monitoring Agent

Summary There is a vulnerability in the Apache log4j library used by IBM APM Internet Service Monitoring Agent. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

6.3CVSS5.5AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/28 10:52 a.m.21 views

Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM ® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-318...

7.5CVSS8.2AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 9:11 a.m.84 views

Security Bulletin: Multiple vulnerabilities in The Bouncy Castle Crypto Package For Java affect IBM Application Performance Management products

Summary The Bouncy Castle Crypto Package For Java is used by IBM Application Performance Management. The vulnerabilities below have been addressed. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain...

9.8CVSS8.9AI score0.08878EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 8:35 a.m.57 views

Security Bulletin: Multiple vulnerabilities in Apache Log4j affect IBM Application Performance Management products

Summary Apache Log4j is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2020-9488 DESCRIPTION: Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with...

10CVSS10AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 8:30 a.m.49 views

Security Bulletin: Multiple vulnerabilities in Apache POI affect IBM Application Performance Management products

Summary Apache POI is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG...

7.5CVSS9.3AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 8:2 a.m.43 views

Security Bulletin: Multiple vulnerabilities in libthrift affect IBM Application Performance Management products

Summary libthrift jar is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2018-1320 DESCRIPTION: Apache Thrift could allow a remote attacker to bypass security restrictions, caused by the disablement of an assert used to determine if the SASL handshake had...

7.8CVSS7.5AI score0.09082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 7:56 a.m.29 views

Security Bulletin: Multiple vulnerabilities in apache batik affect IBM Application Performance Management products.

Summary Apache batik is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2019-17566 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an...

7.5CVSS7.5AI score0.1074EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 7:52 a.m.49 views

Security Bulletin: Vulnerabilities in IBM DB2 affects IBM Application Performance Management.

Summary IBM DB2 is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2023-30447 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM...

8.8CVSS9.2AI score0.01378EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:30 a.m.128 views

Security Bulletin: Multiple vulnerabilities in gson-2.2.4.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in gson-2.2.4.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused b...

7.7CVSS7.8AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 12:39 p.m.39 views

Security Bulletin: Vulnerability in Apache Log4j affects some features of Internet Service Monitoring Agent for IBM Application Performance Management(CVE-2021-4104)

Summary Apache Log4j open source library used by "Internet Service Monitoring Agent" ISM Agent is affected by a vulnerability that could allow a remote attacker to execute arbitrary code on the system. ISM Agent has addressed the applicable CVE. As a part of solution log4j has been upgraded to...

7.5CVSS2.3AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/26 5:14 p.m.21 views

Security Bulletin: Multiple vulnerabilities affect the IBM Performance Management product

Summary Multiple vulnerabilities affect the IBM Performance Management product. Vulnerability Details CVEID: CVE-2020-4726 DESCRIPTION: The IBM Application Performance Monitoring UI allows web pages to be stored locally which can be read by another user on the system. CVSS Base score: 4 CVSS...

6.1CVSS0.5AI score0.00832EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/10 11:24 a.m.21 views

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary CVE-2019-2949 deferred from Oracle Oct 2019 CPU Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality...

6.8CVSS0.5AI score0.03603EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 5:19 p.m.36 views

Security Bulletin: IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim (CVE-2019-4086)

Summary IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attac...

6.1CVSS1.9AI score0.01194EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:37 p.m.24 views

Security Bulletin: A vulnerability in the Firefox component of the Synthetic Playback agent affects IBM Performance Management products.

Summary Multiple browsers could allow a remote attacker to obtain sensitive information, caused by the failure to consider the role of the TCP congestion window in providing information about content length by the HTTPS protocol or by the HTTP/2 protocol. By visiting a Web site owned by a malicio...

5.3CVSS5.7AI score0.13983EPSS
Exploits0Affected Software1
Rows per page
Query Builder