Lucene search
K

38 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 5:47 p.m.4 views

Security Bulletin: IBM Integration Designer is vulnerable to multiple CVEs

Summary Multiple vulnerabilities are resolved: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-34268 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

7.5CVSS7.1AI score0.00702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 4:53 p.m.31 views

Security Bulletin: Vulnerability in jackson-core-2.15.2.jar

Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:26 p.m.9 views

Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

9.8CVSS5.8AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/12 2:42 p.m.10 views

Security Bulletin: IBM Integration Designer is vulnerable to improper access control (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925 )

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable...

7.5CVSS5.7AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/07 5:42 p.m.6 views

Security Bulletin: IBM Integration Designer is vulnerable to denial of service (CVE-2025-53057)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-53057. Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...

5.9CVSS6.3AI score0.00487EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/11 4:24 p.m.11 views

Security Bulletin: IBM Integration Designer is vulnerable to Deserialization of Untrusted Data (CVE-2025-6420 )

Summary Vulnerability in Apache Commons Collections used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-6420. Vulnerability Details CVEID:CVE-2015-6420 DESCRIPTION: Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and...

9.8CVSS8AI score0.18763EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/04 8:48 p.m.4 views

Security Bulletin: IBM Integration Designer is vulnerable to improper access control (CVE-2025-48734)

Summary Vulnerability in Apache Commons BeanUtils used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-48734. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in...

8.8CVSS8.8AI score0.01548EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/03 4:1 p.m.12 views

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer

Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component cou...

7.8CVSS7.3AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 10:45 p.m.25 views

Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321

Summary IBM Business Automation Workflow is vulnerable to an information disclosure attack. Vulnerability Details CVEID:CVE-2024-38321 DESCRIPTION: IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations th...

6.5CVSS5.7AI score0.00417EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 9:51 p.m.15 views

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2024-21208, CVE-2024-27267)

Summary Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2024-27267 DESCRIPTION: The Object Request Broker ORB in IBM SDK, Java Technology Edition 7.1.0.0 through...

5.9CVSS6AI score0.01018EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/04 12:59 p.m.28 views

Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow - CVE-2023-51775

Summary IBM Business Automation Workflow is vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-51775 DESCRIPTION: jose4j is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted p2c value, a remote attacker could exploit...

6.5CVSS6.6AI score0.00879EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/17 8:57 p.m.32 views

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-38264)

Summary Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVE. Vulnerability Details CVEID:CVE-2023-38264 DESCRIPTION: The IBM SDK, Java Technology Edition's Object Request Broker ORB 7.1.0.0 through...

7.5CVSS5.8AI score0.00848EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/03 7:20 a.m.46 views

Security Bulletin: OpenSSH vulnerability affects IBM WebSphere Adapter for FTP shipped with IBM Business Automation Workflow - CVE-2021-37533

Summary IBM WebSphere Adapter for FTP is shipped with IBM Business Automation Workflow bundles a vulnerable copy of Apache commons-net. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with...

6.5CVSS6.4AI score0.01858EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/04 1:25 p.m.30 views

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...

5.3CVSS5.6AI score0.01454EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/13 7:58 p.m.28 views

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer

Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...

7.5CVSS7.3AI score0.00918EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/15 4:4 p.m.29 views

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer

Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2023-22049 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could...

5.9CVSS5.6AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 6:33 p.m.30 views

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-35116)

Summary The fix includes a new version of the jackson-databind runtime that resolves the specified vulnerability. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to op...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/05 9:45 p.m.22 views

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-21967)

Summary The fix includes a new version of the IBM Runtime Environment Java 8 that resolve the specified vulnerability. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could...

5.9CVSS6.5AI score0.01523EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 5:19 p.m.51 views

Security Bulletin: Denial of Service vulnerability in Apache commons-fileupload may affect IBM Business Automation Workflow (CVE-2023-24998)

Summary IBM Business Automation Workflow packages a vulnerable copy of Apache commons-fileupload in its /BPM/Lombardi/lib directory. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number o...

7.5CVSS7.6AI score0.46836EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/27 12:23 a.m.42 views

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service due to commons-fileupload-1.4.jar (CVE-2023-24998)

Summary The fix includes a new version of the commons-fileupload jar file that resolves the specified vulnerability. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request parts ...

7.5CVSS7.6AI score0.46836EPSS
Exploits1Affected Software1
Rows per page
Query Builder