Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-0358

Malware in sbrugna...

6.5CVSS6.6AI score0.00778EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-0216

Malware in sbrugna...

4.3CVSS6.4AI score0.01546EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.20 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM® SDK for Node.js™ in IBM Bluemix (CVE-2017-3735 CVE-2017-14919)

Summary OpenSSL vulnerabilities were disclosed on November 2, 2017 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs.A vulnerability was disclosed in October 2017 by the Node.js project. IBM SDK for Node.js has addressed the CVE...

7.5CVSS0.2AI score0.17699EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.35 views

Security Bulletin: IBM® SDK for Node.js™ in IBM Bluemix may be affected by CVE-2016-1669

Summary Buffer overflow in the Google V8 Javascript implementation used by IBM SDK for Node.js Vulnerability Details CVEID: CVE-2016-1669 DESCRIPTION: Google Chrome is vulnerable to a buffer overflow, caused by an error in V8. By persuading a victim to visit a specially-crafted Web site, a remote...

9.3CVSS1.8AI score0.04227EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.29 views

Security Bulletin: Vulnerability in OpenSSL affects IBM® SDK for Node.js™ in IBM Bluemix (CVE-2015-1793)

Summary OpenSSL alternate chains certificate forgery vulnerability CVE-2015-1793 disclosed by the OpenSSL Project on July 9 2015. IBM SDK for Node.js in IBM Bluemix has addressed this CVE. Vulnerability Details CVEID: CVE-2015-1793 DESCRIPTION: OpenSSL could allow a remote attacker to bypass...

6.5CVSS1AI score0.61798EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.27 views

Security Bulletin: Vulnerabilities in OpenSSL and ReDoS vulnerability in semver module affect IBM® SDK for Node.js™ in IBM Bluemix (CVE-2016-2107, CVE-2016-2105, CVE-2015-8855)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs. The "semver" module is vulnerable to regular expression denial of service ReDoS when extremely long version strings...

7.8CVSS0.6AI score0.89058EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.33 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM® SDK for Node.js™ in IBM Bluemix (CVE-2017-3731 CVE-2017-3732 CVE-2016-7055)

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by...

7.5CVSS1AI score0.57595EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.24 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™ in IBM Bluemix

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs, plus three additional vulnerabilities unrelated to the OpenSSL release. Vulnerability Details CVEID:...

9.8CVSS1.2AI score0.95707EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.40 views

Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK for Node.js™ in IBM Bluemix (CVE-2015-3197, CVE-2016-2086, CVE-2016-2216)

Summary This bulletin describes CVE-2015-3197 that was reported on January 26, 2015 by the OpenSSL Project, plus two additional vulnerabilities. Vulnerability Details CVEID: CVE-2015-3197 DESCRIPTION: OpenSSL could allow a remote attacker to conduct man-in-the-middle attacks, caused by the use of...

7.5CVSS0.6AI score0.10731EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 1:7 p.m.20 views

Security Bulletin: Weakness in generated service credentials affects multiple Watson Developer Cloud services (CVE-2016-0391)

Summary A weakness in generated service credentials that affects multiple Watson Developer Cloud offered through IBM Bluemix has been identified and fixed. Replacement of previously generated credentials is recommended. Vulnerability Details CVEID: CVE-2016-0391 DESCRIPTION: Multiple Watson...

9.8CVSS0.5AI score0.01348EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.30 views

Security Bulletin: Open Source GNU glibc Vulnerabilities Security Bulletin: Open Source GNU glibc Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-12132)

Summary There are vulnerabilities in the Open Source GNU glibc that is used by the OS Images for IBM PureApplication Software Suite, IBM Bluemix Local System and IBM PureApplication System/Software Vulnerability Details CVEID: CVE-2017-12132 DESCRIPTION: GNU C Library aka glibc or libc6 could all...

5.9CVSS0.2AI score0.01881EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.39 views

Security Bulletin: Security vulnerability in Apache Commons FileUpload used by Liberty for Java for IBM Cloud (CVE-2016-1000031)

Summary There is a potential vulnerability in the Apache Commons FileUpload used by WebSphere Application Server traditional and WebSphere Application Server Liberty. Vulnerability Details CVEID: CVE-2016-1000031 DESCRIPTION: Apache Commons FileUpload, as used in several products, could allow a...

9.8CVSS0.8AI score0.34731EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.26 views

Security Bulletin: Information disclosure in Liberty for Java for IBM Cloud (CVE-2017-1681, CVE-2013-6440)

Summary There is a potential information disclosure vulnerability in WebSphere Application Server. There is an information disclosure due to an XML external entity XXE vulnerability when using the OpenSAML features in WebSphere Application Server Liberty. Vulnerability Details CVEID: CVE-2017-168...

5CVSS0.4AI score0.02752EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.26 views

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2017-1583, CVE-2011-4343)

Summary There is a potential infomation disclosure vulnerability that affects the Java Server Faces JSF component used by WebSphere Application Server. There is a potential infomation disclosure vulnerability that affects the MyFaces component used by JSF in WebSphere Application Server...

7.5CVSS7.1AI score0.05334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.15 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects Liberty for Java for IBM Bluemix July 2017 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in July 2017. These may affect some configurations of IBM WebSphere Application Server...

8.3CVSS0.5AI score0.03524EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.41 views

Security Bulletin: Multiple vulnerabilities may affect ASP.NET Core in IBM Bluemix

Summary Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege. Vulnerabilities in Node.js and the c-ares library were disclosed on July 11 2017 by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-0256...

7.5CVSS7.9AI score0.16911EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.14 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects Liberty for Java for IBM Bluemix April 2017 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in April 2017. These may affect some configurations of IBM WebSphere Application Server...

7.7CVSS0.2AI score0.00759EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.18 views

Security Bulletin: Vulnerability in Apache Standard Taglibs affects Liberty for Java for IBM Bluemix (CVE-2015-0254)

Summary There is an XML External Entity Injection XXE vulnerability in the Apache Standard Taglibs that affects IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system,...

7.5CVSS1.8AI score0.1326EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.26 views

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Bluemix April 2016 CPU (CVE-2016-3426, CVE-2016-3427)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of Liberty...

10CVSS0.9AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.21 views

Security Bulletin: Cross-site scripting vulnerability in Liberty for Java for IBM Bluemix (CVE-2016-0283)

Summary There is a cross-site scripting vulnerability in Liberty for Java for IBM Bluemix when using the OpenID Connect OIDC client. Vulnerability Details CVEID: CVE-2016-0283 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting in the OIDC client web application...

6.1CVSS0.7AI score0.01449EPSS
Exploits0Affected Software1
Rows per page
Query Builder