34 matches found

IBM Security Bulletins
added 2026/03/27 9:11 a.m. | 8 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue...

CVSS 8.8 | AI score 7.4 | EPSS 0.00762
Exploits: 6 | Affected Software: 2

IBM Security Bulletins
added 2026/01/27 6:59 a.m. | 6 views

Security Bulletin: IBM Engineering Lifecycle Management - Global Configuration Management is vulnerable to cross-site scripting

Summary Cross-site scripting vulnerability has been identified in IBM Engineering Lifecycle Management - Global Configuration Management. Vulnerability Details CVEID:CVE-2025-36033 DESCRIPTION: IBM Global Configuration Management is vulnerable to cross-site scripting. This vulnerability allows an...

CVSS 5.4 | AI score 5.5 | EPSS 0.00036
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/09/15 7:4 a.m. | 5 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for August 2025.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF001 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be us...

CVSS 9.8 | AI score 7.3 | EPSS 0.03834
Exploits: 1 | Affected Software: 1

IBM AIX
added 2025/04/25 8:23 a.m. | 11 views

AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-49043)

IBM SECURITY ADVISORY First Issued: Fri Apr 25 08:23:03 CDT 2025 |Updated: Mon May 5 14:46:26 CDT 2025 |Update: New iFixes provided for AIX 7.2 TL5 SP7, 7.3 TL1 SP2 and SP3, | 7.3 TL2 SP1, and VIOS 3.1.4.31. The new iFixes include a packaging | change to clarify that the iFixes are cumulative and...

CVSS 8.1 | AI score 7 | EPSS 0.00222
Exploits: 0

IBM Security Bulletins
added 2025/02/28 10:6 a.m. | 11 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest iFixes Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By...

CVSS 7.5 | AI score 7.2 | EPSS 0.00259
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2024/02/02 8:25 a.m. | 51 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF029 and 23.0.2-IF001. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By...

CVSS 8.8 | AI score 10 | EPSS 0.02718
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2023/11/02 5:31 p.m. | 153 views

Security Bulletin: AIX is vulnerable to sensitive information exposure due to Perl (CVE-2023-31484 and CVE-2023-31486)

Summary UPDATED Nov 2: iFixes are now available for Perl 5.28.1 and 5.34.1. Perl version 5.28.1.7 and higher, and Perl version 5.34.1.4 and higher, have a dependency on OpenSSL 3.0. The iFixes are offered in lieu of updating to OpenSSL 3.0 and Perl 5.28.1.8 and 5.34.1.4. The iFixes may be...

CVSS 8.1 | AI score 7.2 | EPSS 0.01523
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/10/04 8:22 a.m. | 21 views

Security Bulletin: Vulnerability in commons-codec-1.8.jar have affected IBM Engineering Lifecycle Optimization - Publishing

Summary This security bulletin addresses security vulnerabilities with Apache Commons Codec that have been remediated in latest iFixes of IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacke...

AI score 6.8
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/10/04 8:4 a.m. | 36 views

Security Bulletin: A vulnerability in JDOM affects IBM Engineering Lifecycle Optimization - Publishing

Summary A vulnerability in JDOM affects IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could...

CVSS 7.5 | AI score 7.4 | EPSS 0.01393
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/09/01 7:56 p.m. | 95 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2023

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF024 and 23.0.1-IF002. Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service,...

CVSS 9.8 | AI score 9.6 | EPSS 0.60417
Exploits: 31 | Affected Software: 2

IBM Security Bulletins
added 2023/04/28 2:9 p.m. | 64 views

Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2023

Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed with IBM Cloud Pak for Business Automation 21.0.3-IF020 and 22.0.2-IF004. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are...

CVSS 9.8 | AI score 8.5 | EPSS 0.94055
Exploits: 14 | Affected Software: 2

IBM Security Bulletins
added 2023/03/10 6:29 p.m. | 51 views

Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2023

Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed with IBM Cloud Pak for Business Automation 21.0.3-IF018 and 22.0.2-IF002. Vulnerability Details CVEID:CVE-2022-38749 DESCRIPTION: SnakeYAML is vulnerable to a denial of servic...

CVSS 7.5 | AI score 8.4 | EPSS 0.83506
Exploits: 13 | Affected Software: 2

IBM Security Bulletins
added 2023/03/02 2:18 p.m. | 30 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2022 - Includes Oracle October 2022 CPU and IBM Java - OpenJ9 CVE-2022-3676

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2022 and IBM Ja...

CVSS 6.5 | AI score 6 | EPSS 0.00341
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2022/12/30 10:25 a.m. | 94 views

Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2022

Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed with IBM Cloud Pak for Business Automation 21.0.3-IF016 and 22.0.1-IF006. Vulnerability Details CVEID:CVE-2017-10355 DESCRIPTION: An unspecified vulnerability in Oracle Java S...

CVSS 9.8 | AI score 8.4 | EPSS 0.06365
Exploits: 2 | Affected Software: 2

IBM Security Bulletins
added 2022/07/26 7:54 a.m. | 55 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. Vulnerability Details CVEID:CVE-2021-43138 DESCRIPTION: Async could allow a remote attacker to...

CVSS 8.2 | AI score 8.6 | EPSS 0.03234
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2022/04/01 5:39 p.m. | 26 views

Security Bulletin: Cross-Site Scripting and information disclosure vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2022 (CVE-2021-29835, CVE-39046)

Summary In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF009 and 21.0.3-IF007. Vulnerability Details CVEID: CVE-2021-29835 DESCRIPTION: IBM Business Automation Workflow 18.0, 19.0, 20.0, a...

CVSS 6.1 | AI score 1.1 | EPSS 0.00157
Exploits: 0 | Affected Software: 1

IBM AIX
added 2022/03/04 8:54 a.m. | 149 views

There is a vulnerability in the AIX nimsh daemon for VIOS. There is a vulnerability in the AIX nimsh daemon.

IBM SECURITY ADVISORY First Issued: Fri Mar 4 08:54:35 CST 2022 |Updated: Thu Mar 24 15:53:49 CDT 2022 |Update: New iFixes provided for all levels. The new iFixes resolve a | technical failure with the previous iFixes when running NIM commands | of extended length, resulting in a...

CVSS 8.6 | AI score 8.4 | EPSS 0.00268
Exploits: 0

IBM Security Bulletins
added 2022/02/28 5:3 a.m. | 78 views

Security Bulletin: Due to use of Apache Log4j, IBM Datacap is vulnerable to arbitrary code execution (CVE-2021-4104)

Summary Apache Log4j was used by 2 of the third party components used in Datacap as part of its logging infrastructure. The fix includes Apache Log4j v.2.17.1 for one of these third party component used in Datacap. The fix removes Apache Log4j for second third party component used in Datacap...

CVSS 7.5 | AI score 1.2 | EPSS 0.72202
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2021/11/04 5:50 p.m. | 35 views

Security Bulletin: Vulnerabilities in the AIX kernel (CVE-2021-29727, CVE-2021-29801, CVE-2021-29862)

Summary There are multiple vulnerabilities in the AIX kernel. Update 2: Wed Sep 1 16:11:34 CDT 2021 Update: Additional iFixes are now available. Additional iFixes are now available for: AIX 7100-05-06 and 7100-05-07 AIX 7200-03-05 and 7200-03-06 AIX 7200-04-02 and 7200-04-03 AIX 7200-05-01 VIOS...

CVSS 8.4 | AI score 0.1 | EPSS 0.00041
Exploits: 0 | Affected Software: 2

IBM Security Bulletins
added 2021/09/15 12:53 p.m. | 75 views

Security Bulletin: IBM has released AIX and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following fixes for AIX and VIOS in response to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5715 CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 iFixes released on August 17, 2018: Updated AIX and VIOS fixes for CVE-2017-5715, know...

CVSS 5.6 | EPSS 0.9427
Exploits: 14 | Affected Software: 1