CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

929 matches found

IBM Security Bulletins•added 2024/05/13 3:7 p.m.•23 views

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details IBM X-Force ID: PSIRT-ADV0103951...

6.4AI score

Exploits0Affected Software1

IBM Security Bulletins•added 2024/05/13 2:27 p.m.•34 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

7.5CVSS5.2AI score0.00339EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/05/13 11:52 a.m.•32 views

Security Bulletin: Multiple vulnerabilities exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Detail...

7.5CVSS6.9AI score0.00319EPSS

Exploits0Affected Software1

Cvelist•added 2024/05/10 5:21 p.m.•15 views

CVE-2023-38264 IBM SDK, Java Technology Edition denial of service

The IBM SDK, Java Technology Edition's Object Request Broker ORB 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM X-Force ID: 260578...

5.9CVSS5.7AI score0.00199EPSS

Exploits0References2

Vulnrichment•added 2024/05/10 5:21 p.m.•22 views

CVE-2023-38264 IBM SDK, Java Technology Edition denial of service

5.9CVSS6.3AI score0.00199EPSS

Exploits0References2

IBM Security Bulletins•added 2024/05/10 3:4 p.m.•30 views

Security Bulletin: IBM Security Guardium is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 vulnerability (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary IBM Security Guardium has addressed these vulnerabilities with updates. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact, and...

5.9CVSS6.2AI score0.00172EPSS

Exploits0Affected Software1

RedhatCVE•added 2024/05/10 8:27 a.m.•47 views

CVE-2023-38264

The IBM SDK, Java Technology Edition's Object Request Broker ORB is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters...

5.9CVSS7AI score0.00199EPSS

Exploits0References6

Positive Technologies•added 2024/05/10 12:0 a.m.•1 views

PT-2024-12693 · Ibm +3 · Ibm Sdk +4

Name of the Vulnerable Software and Affected Versions: IBM SDK, Java Technology Edition versions 7.1.0.0 through 7.1.5.21 IBM SDK, Java Technology Edition versions 8.0.0.0 through 8.0.8.21 Description: The issue is related to a denial of service attack due to improper enforcement of the JEP 290...

7.5CVSS5.6AI score0.00669EPSS

Exploits0References50

CNNVD•added 2024/05/10 12:0 a.m.•1 views

IBM SDK, Java Technology Edition 代码问题漏洞

IBM SDK, Java Technology Edition is a software development kit for Java application development from International Business Machines IBM. A code issue vulnerability exists in IBM SDK, Java Technology Edition that stems from the fact that under certain circumstances, the JEP 290 MaxRef and MaxDept...

7.5CVSS6.8AI score0.00199EPSS

Exploits0References4

IBM Security Bulletins•added 2024/05/09 7:33 p.m.•69 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries referenc...

5.9CVSS4.8AI score0.00417EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/26 7:53 p.m.•44 views

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition (CVE-2024-20952 and CVE-2023-33850)

Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. CVE-2023-33850 covers the GSKIT-Crypto ICC package used by IBM Runtime Environment, Java Technology Edition. This is separate to the GSKit-SSL package which is...

7.5CVSS7.5AI score0.00319EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/26 2:47 p.m.•52 views

Security Bulletin: IBM MQ Appliance is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition (CVE-2024-20952 and CVE-2023-33850)

Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped in IBM MQ Appliance. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...

7.5CVSS7.5AI score0.00319EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/09 7:59 p.m.•39 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-22036, CVE-2023-22006, CVE-2023-22041, CVE-2023-22049 and CVE-2023-22045)

Summary Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-22036 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow a remo...

5.1CVSS5.5AI score0.00143EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/09 12:27 p.m.•40 views

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM TXSeries for Multiplatforms (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM TXSeries for Multiplatforms CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049. An update to IBM TXSeries for Multiplatforms has been released to address these...

5.9CVSS6.1AI score0.00172EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/02 8:6 p.m.•57 views

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to unspecified vulnerabilities and sensitive information exposure due to IBM Runtime Environment Java Technology Edition Version 8

Summary IBM Java 8 is used by IBM Sterling Connect:Direct for UNIX in product configuration, management, and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by unspecified vulnerabilities and sensitive information exposure due to IBM Java 8. IBM Sterling Connect:Direct for UNI...

7.5CVSS7AI score0.00319EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/03/21 1:10 p.m.•35 views

Security Bulletin: Multiple vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition . CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Details CVEID:CVE-2024-209...

7.5CVSS6.9AI score0.00319EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/03/21 11:56 a.m.•19 views

Security Bulletin: Vulnerability in IBM® SDK, Java™ Technology affects IBM Cloud Pak System [CVE-2022-3676]

Summary Vulnerability in IBM® SDK, Java™ Technology affect Cloud Pak System. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by improper runtime type check by the interface calls. By sending a...

6.5CVSS6.5AI score0.00341EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2024/03/20 6:38 a.m.•28 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU is vulnerable to CVE-2023-33850

Summary This bulletin covers all applicable Java SE CVEs published by Oracle as part of their January 2024 Critical Patch Update, plus CVE-2023-33850. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack: IBM Engineering Test Management, ELM Installer...

7.5CVSS7.3AI score0.00057EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/03/14 7:16 p.m.•20 views

Security Bulletin: Multiple security vulnerabilities in IBM SDK, Java Technology Edition affects IBM OpenPages

Summary IBM® SDK, Java™ Technology Edition is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM SDK, Java Technology Edition has been published in multiple security bulletins. These products have addressed the applicable CVEs. For a complet...

7AI score

Exploits0Affected Software1

IBM Security Bulletins•added 2024/03/14 9:39 a.m.•36 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition

Summary IBM Sterling Connect:Direct for Microsoft Windows uses IBM Runtime Environment Java Technology Edition Version 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE...

7.5CVSS6.5AI score0.00319EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by