Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-3676

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

6.5CVSS5.4AI score0.00402EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.17 views

IBM Cloud APM 安全漏洞

IBM Cloud APM is an application performance monitoring and operations analysis platform provided by the American multinational company IBM. There are security vulnerabilities in the IBM Cloud APM Base Private 8.1.4 version and the IBM Cloud APM Advanced Private 8.1.4 version. These vulnerabilitie...

6.5CVSS5.8AI score0.00402EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-25966

Malware in sbrugna...

4.9CVSS5.2AI score0.00832EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 8:33 a.m.24 views

Security Bulletin: Multiple vulnerabilities in Akka affect IBM Application Performance Management products.

Summary Akka actor jar is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-1000034 DESCRIPTION: Akka could allow a remote attacker to execute arbitrary code on the system, caused by a Java...

9.3CVSS8.6AI score0.05666EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 8:30 a.m.49 views

Security Bulletin: Multiple vulnerabilities in Apache POI affect IBM Application Performance Management products

Summary Apache POI is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG...

7.5CVSS9.3AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 8:1 a.m.29 views

Security Bulletin: Multiple vulnerabilities in Lightbend Spray spray-json affect IBM Application Performance Management products.

Summary Lightbend Spray spray-json is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2018-18854 DESCRIPTION: Lightbend Spray spray-json is vulnerable to a denial of service, caused by an error during the parsing of many JSON object fields. By sending a...

7.5CVSS7.4AI score0.01897EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 7:54 a.m.46 views

Security Bulletin: Multiple vulnerabilities in Apache Xerces2 Java XML Parser affect IBM Application Performance Management products

Summary Apache Xerces2 Java XML Parser is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2022-23437 DESCRIPTION: Apache Xerces2 Java XML Parser is vulnerable to a denial of service, caused by an infinite loop in the XML parser. By persuading a victim to open a...

7.8CVSS7.1AI score0.24738EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 7:48 a.m.40 views

Security Bulletin: Multiple vulnerabilities in Apache Commons IO affect IBM Application Performance Management products

Summary Apache Commons IO is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An...

5.8CVSS6.4AI score0.10608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/11 2:15 p.m.44 views

Security Bulletin: Due to use of, IBM Application Performance Management is vulnerable to a local authenticated attacker to obtain sensitive information.

Summary Google Guava is used within IBM Application Performance Management. CVE-2023-2976. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory...

7.1CVSS6AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:49 a.m.43 views

Security Bulletin: Multiple vulnerabilities in hadoop-mapreduce-client-core-2.7.3.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in hadoop-mapreduce-client-core-2.7.3.jar used by IBM Application Performance Management. IBM Applicatoon Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-3166 DESCRIPTION: Apache Hadoop could allow a remote...

7.8CVSS7.8AI score0.00347EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:46 a.m.58 views

Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in hadoop-hdfs-2.7.3.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service,...

8.8CVSS8.4AI score0.06554EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:30 a.m.128 views

Security Bulletin: Multiple vulnerabilities in gson-2.2.4.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in gson-2.2.4.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused b...

7.7CVSS7.8AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/13 1:51 p.m.61 views

Security Bulletin: IBM Performance Management is affected by multiple vulnerabilities in IBM Websphere Application Server (CVE-2021-39031, CVE-2022-22393, and CVE-2022-22476)

Summary Multiple vulnerabilities in IBM Websphere Application Server - Liberty could allow a remote autheticated attacker to conduct an LDAP injection; issue a request to obtain the status of HTTP/HTTPS ports; and/or use a specially crafted request. Details are described in CVE-2021-39031,...

8.8CVSS7.2AI score0.02017EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/18 2:14 a.m.39 views

Security Bulletin: Multiple vulnerabilities in IBM Websphere Application Server affect the IBM Performance Management product

Summary Multiple vulnerabilities in IBM Websphere Application Server - Liberty could allow a remote attacker to exploit them to cause a denial of service condition against services that use Compress' zip package. IBM Performance Management has addressed the applicable CVEs. Vulnerability Details...

7.5CVSS7.8AI score0.13292EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/03/02 5:15 p.m.2 views

CVE-2020-4719

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861...

4.9CVSS5.9AI score0.00832EPSS
Exploits0References2
Prion
Prion
added 2021/03/02 5:15 p.m.15 views

Authorization

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861...

4CVSS4.7AI score0.00832EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/02 4:55 p.m.48 views

CVE-2020-4725

CVE-2020-4725 affects IBM Cloud APM (IBM Monitoring) 8.1.4. An authenticated user can modify HTML content via a specially crafted HTTP request to the APM UI, potentially misleading another user. Root cause: UI content modification without proper access segregation. Impact is limited to HTML conte...

4.3CVSS4.4AI score0.00661EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/14 11:48 a.m.38 views

Security Bulletin: A vulnerability in Netty affects the IBM Performance Management product (CVE-2019-16869)

Summary Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and...

7.5CVSS0.4AI score0.08415EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/14 11:37 a.m.14 views

Security Bulletin: A vulnerability in IBM Websphere Application Server affects the IBM Performance Management product (CVE-2019-4304)

Summary A vulnerability in IBM Websphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM Performance Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4304 DESCRIPTION: IBM...

6.5CVSS1AI score0.01011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/14 11:27 a.m.39 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Performance Management. IBM Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

8.1CVSS1.2AI score0.04903EPSS
Exploits0Affected Software1
Rows per page
Query Builder