93 matches found

IBM Security Bulletins
added 3 days ago · 3 views

Security Bulletin: Vulnerabilities in kernel library (CVE-2025-68724, CVE-2026-31431) affect Power HMC.

Summary: The kernel library is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2025-68724 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in...

CVSS 7.8 · AI score 6.8 · EPSS 0.96267
Exploits: 228 · Affected Software: 1
IBM Security Bulletins
added 2026/06/18 6:29 p.m. · 5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go [CVE-2026-35469]

Summary: IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go, caused by a flaw in the SPDY/3 frame parser that does not validate attacker-controlled counts and lengths before allocating memory (CVE-2026-35469). Spdystream Go is used in our speech utilities...

CVSS 8.7 · AI score 5.2 · EPSS 0.00656
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2026/06/12 6:47 p.m. · 9 views

Security Bulletin: Security Vulnerability in Spring Boot Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-22235)

Summary: IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Boot. Vulnerability Details: CVEID: CVE-2025-22235 DESCRIPTION: EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been create...

CVSS 7.3 · AI score 7.1 · EPSS 0.00358
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2026/06/08 7:14 p.m. · 9 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability Detail...

CVSS 9.8 · AI score 6.3 · EPSS 0.00847
Exploits: 0 · Affected Software: 1
CVE
added 2026/05/22 9:17 p.m. · 37 views

CVE-2026-41075

RT (Request Tracker) is affected by an SQL injection in the JSON search path via the entry_aggregator parameter. Affected versions: 5.0.0–5.0.9 and 6.0.0–6.0.2. Root cause: input incorporated into queries without proper validation, enabling authenticated users to read or modify RT database data. ...

CVSS 8.8 · AI score 5.8 · EPSS 0.00344
Exploits: 0 · References: 3
IBM Security Bulletins
added 2026/05/21 3:35 p.m. · 7 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running an AUTONOMOUS procedure (CVE-2026-1718)

Summary: IBM® Db2® is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled. Vulnerability Details: CVEID: CVE-2026-1718 DESCRIPTION: IBM Db2 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are...

CVSS 7.5 · AI score 5.8 · EPSS 0.00362
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2026/04/22 1:18 p.m. · 10 views

Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance

Summary: The FreeIPA package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2025-7493. Vulnerability Details: CVEID: CVE-2025-7493 DESCRIPTION: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is...

CVSS 9.1 · AI score 5.7 · EPSS 0.01827
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2026/04/22 12:26 p.m. · 7 views

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary: The kernel package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVEs: CVE-2023-52355, CVE-2023-52356. Vulnerability Details: CVEID: CVE-2023-52355 DESCRIPTION: An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff...

CVSS 7.5 · AI score 5.8 · EPSS 0.02187
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2026/04/06 12:20 p.m. · 6 views

Security Bulletin: IBM DataPower Gateway affected by integer overflow in OS kernel

Summary: This flaw may affect TCP networking. Vulnerability Details: CVEID: CVE-2022-50865 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog. The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in...

AI score 6.2 · EPSS 0.00168
Exploits: 0 · Affected Software: 1
Snyk
added 2026/04/02 8:59 p.m. · 4 views

Replay Attack

Overview: @openclaw/zalo is an OpenClaw Zalo channel plugin. Affected versions of this package are vulnerable to Replay Attack in the replay deduplication process. An attacker can bypass intended access restrictions by reusing messageId values across authenticated sibling-target delivery paths...

CVSS 5.4 · AI score 5.8 · EPSS 0.00274
Exploits: 0 · References: 2
IBM Security Bulletins
added 2026/03/27 8:03 a.m. · 6 views

Security Bulletin: Due to the use of hibernate-core. IBM webMethods BPM is vulnerable to a second-order SQL injection

Summary: IBM webMethods BPM tool is dependent on hibernate-core, which is affected by a known vulnerability, CVE-2026-0603. Vulnerability Details: CVEID: CVE-2026-0603 DESCRIPTION: A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection...

CVSS 8.3 · AI score 6.1 · EPSS 0.00782
Exploits: 1 · Affected Software: 1
IBM Security Bulletins
added 2026/03/16 10:33 a.m. · 6 views

Security Bulletin: Optional Mongo DB images in IBM Cloud Pak for Business Automation 24.0.x are affected by CVE-2025-14847

Summary: CVE-2025-14847 has been reported for the Mongo DB images shipped with IBM Cloud Pak for Business Automation 24.0.x. An updated version of the image is available. Vulnerability Details: CVEID: CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow ...

CVSS 8.7 · AI score 5.7 · EPSS 0.83007
Exploits: 39 · Affected Software: 2
IBM Security Bulletins
added 2026/02/09 2:40 p.m. · 7 views

Security Bulletin: IBM® Db2® is vulnerable to sensitive information disclosure under specific HADR configuration (CVE-2025-36425)

Summary: IBM® Db2® could allow an authenticated user to obtain sensitive information under specific HADR configuration. Vulnerability Details: CVEID: CVE-2025-36425 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to obtain sensitive...

CVSS 6.5 · AI score 5.5 · EPSS 0.00174
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2026/01/29 3:41 p.m. · 11 views

Security Bulletin: IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on (CVE-2025-8916)

Summary: IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on. Vulnerability Details: CVEID: CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules,...

CVSS 6.3 · AI score 5.9 · EPSS 0.0043
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2026/01/13 7:39 a.m. · 6 views

Security Bulletin: Vulnerability in protobuf-c affects IBM Netezza Appliance

Summary: The protobuf-c package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2022-48468. Vulnerability Details: CVEID: CVE-2022-48468 DESCRIPTION: protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. CWE: CWE-190: Integer...

CVSS 5.5 · AI score 6.8 · EPSS 0.00366
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2025/12/16 6:16 a.m. · 5 views

Security Bulletin: Vulnerability in spring-core affects IBM Netezza Appliance

Summary: The spring-core package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2025-41249. Vulnerability Details: CVEID: CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods...

CVSS 7.5 · AI score 6.2 · EPSS 0.0046
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2025/10/31 6:04 p.m. · 11 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Node DOS vulnerability in Kubernetes [CVE-2025-0426]

Summary: IBM Watson Speech Services Cartridge is vulnerable to a Node DOS vulnerability in Kubernetes, due to a flaw in the kubelet read-only HTTP endpoint (CVE-2025-0426). Kubernetes is used in our speech-utilities. This vulnerability has been addressed. Please read the details for remediation...

CVSS 6.2 · AI score 6.5 · EPSS 0.00349
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2025/09/27 3:24 a.m. · 7 views

Security Bulletin: A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30).

Summary: A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). Vulnerability Details: CVEID: CVE-2024-31486 DESCRIPTION: A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected devices store MQTT client passwords without sufficient protection o...

CVSS 6 · AI score 6.5 · EPSS 0.00497
Exploits: 2 · Affected Software: 1
Positive Technologies
added 2025/08/21 12:00 a.m. · 8 views

PT-2025-34218 · Jsherp · Jsherp

Name of the Vulnerable Software and Affected Versions: jshERP version 3.5. Description: An incorrect access control issue exists in the controllerUserController.java component of jshERP version 3.5. This allows attackers to arbitrarily reset user account passwords and perform a horizontal privileg...

CVSS 5.3 · AI score 7.4 · EPSS 0.00334
Exploits: 1 · References: 7
IBM Security Bulletins
added 2025/08/05 6:37 p.m. · 7 views

Security Bulletin: IBM Tivoli Monitoring is affected by heap buffer overflow vulnerabilities

Summary: IBM Tivoli Monitoring has addressed heap buffer overflow vulnerabilities (CVE-2025-3354, CVE-2025-3320). Vulnerability Details: CVEID: CVE-2025-3354 DESCRIPTION: IBM Tivoli Monitoring is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could...

CVSS 9.8 · AI score 7.6 · EPSS 0.00453
Exploits: 0 · Affected Software: 1