CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2024/04/02 11:7 a.m.•23 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management Core Framework.

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 Core Framework IF26 patch. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component coul...

9.1CVSS9.8AI score0.02474EPSS

IBM Security Bulletins•added 2024/04/01 4:26 p.m.•47 views

Security Bulletin: Vulnerability with OpenJDK, commons-compress and spring-web-5.3.27/spring-web-5.3.32 affect IBM Cloud Object Storage Systems (April 2024v1)

Summary Vulnerability with OpenJDK- CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20945, CVE-2024-20932, CVE-2024-20919, CVE-2024-20926, commons-compress CVE-2024-25710, CVE-2024-26308 , spring-web-5.3.27 CVE-2024-22243, spring-web-5.3.32CVE-2024-22259. This vulnerability has been...

8.1CVSS7.2AI score0.03967EPSS

IBM Security Bulletins•added 2024/03/28 4:4 p.m.•74 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow...

7.5CVSS7.2AI score0.01026EPSS

IBM Security Bulletins•added 2024/03/27 9:25 a.m.•23 views

Security Bulletin: Enterprise Content Manager System Monitor For March 2024 - Multiple CVE adressed

Summary Enterprise Content Manager System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

9.8CVSS7.4AI score0.02921EPSS

RedHat Linux•added 2024/03/25 6:35 p.m.•41 views

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.4CVSS6.7AI score0.01026EPSS

Exploits0References1

RedHat Linux•added 2024/03/25 6:35 p.m.•2 views

OpenJDK: range check loop optimization issue (8314307)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or...

5.9CVSS7.2AI score0.00857EPSS

RedHat Linux•added 2024/03/25 6:35 p.m.•6 views

OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

7.4CVSS7.2AI score0.00911EPSS

RedHat Linux•added 2024/03/25 6:14 p.m.•2 views

OpenJDK: logging of digital signature private keys (8316976)

Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...

4.7CVSS7.2AI score0.00411EPSS

RedHat Linux•added 2024/03/25 6:14 p.m.•43 views

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.4CVSS6.7AI score0.01026EPSS

Exploits0References1

RedHat Linux•added 2024/03/25 6:14 p.m.•3 views

OpenJDK: arbitrary Java code execution in Nashorn (8314284)

5.9CVSS7.2AI score0.01026EPSS

RedHat Linux•added 2024/03/25 6:14 p.m.•2 views

OpenJDK: range check loop optimization issue (8314307)

5.9CVSS7.2AI score0.00857EPSS

IBM Security Bulletins•added 2024/03/25 3:56 p.m.•41 views

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with IBM App Connect Enterprise

Summary There are multiple vulnerabilities in IBM Semeru Runtime used by IBM App Connect Enterprise. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...

7.5CVSS6.9AI score0.01026EPSS

IBM Security Bulletins•added 2024/03/19 1:36 p.m.•63 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Jan 2024. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE...

7.5CVSS7.1AI score0.01026EPSS

IBM Security Bulletins•added 2024/03/19 8:48 a.m.•35 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker t...

7.5CVSS6.9AI score0.01026EPSS

Tenable Nessus•added 2024/03/18 12:0 a.m.•30 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 8 vulnerabilities (USN-6696-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6696-1 advisory. Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An...

7.4CVSS7.2AI score0.01026EPSS

Exploits0References7

IBM Security Bulletins•added 2024/03/15 6:48 p.m.•45 views

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester RFT / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security componen...

7.4CVSS6.7AI score0.01026EPSS

IBM Security Bulletins•added 2024/03/15 1:21 p.m.•54 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 268 Vulnerability Details CVEID:CVE-2023-22041 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a local attacker to cause high confidentiality...

9.8CVSS8.1AI score0.01613EPSS

IBM Security Bulletins•added 2024/03/14 9:39 a.m.•38 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition

Summary IBM Sterling Connect:Direct for Microsoft Windows uses IBM Runtime Environment Java Technology Edition Version 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE...

7.5CVSS6.5AI score0.01026EPSS