Lucene search
+L

2991 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:25 p.m.37 views

Security Bulletin: A vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-1788)

Summary A security vulnerability has been discovered in GSKit used with IBM Security Network Protection. Vulnerability Details CVE ID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted...

4.3CVSS1.5AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:25 p.m.48 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

4.3CVSS0.4AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:25 p.m.41 views

Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )

Summary The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Protection. Vulnerability Details CVE ID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer...

7.8CVSS0.5AI score0.11779EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:25 p.m.34 views

Security Bulletin: Vulnerabilities in GNU glibc affect IBM Security Network Protection (CVE-2013-7423, and CVE-2015-1781)

Summary The GNU glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the Name Server Caching Daemon nscd used by multiple programs on the system. Security vulnerabilities have been discovered in glibc used with IBM Security...

6.8CVSS0.2AI score0.05808EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:25 p.m.46 views

Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in June 2015. CVE-2015-0138, CVE-2015-0192, CVE-2015-0204, CVE-2015-0458,...

10CVSS0.6AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:24 p.m.16 views

Security Bulletin: IBM Security Network Protection contains a Cross-Site Request Forgery vulnerability.

Summary IBM Security Network Protection is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request. An attacker could exploit this...

6.8CVSS1.2AI score0.00824EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:23 p.m.37 views

Security Bulletin: Vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-0138)

Summary GSKit is an IBM component that is used by IBM Security Network Protection. The GSKit that is shipped with IBM Security Network Protection contains multiple security vulnerabilities including the FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. IBM...

4.3CVSS1.5AI score0.03239EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.17 views

Security Bulletin: IBM Security Network Protection is vulnerable to Cross-Site Scripting. (CVE-2014-6189)

Summary IBM Security Network Protection contains a Cross-Site Scripting vulnerability. Vulnerability Details CVEID:CVE-2014-6189 DESCRIPTION: IBM Security Network Protection is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploi...

6.1CVSS0.8AI score0.01165EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.38 views

Security Bulletin: IBM Security Network Protection is affected by a NSS vulnerability (CVE-2014-3566)

Summary A security vulnerability has been discovered in Network Security Services NSS used with IBM Security Network Protection. This update adds support for the TLS Fallback Signaling Cipher Suite Value TLSFALLBACKSCSV, which can be used to prevent protocol downgrade attacks against applications...

4.3CVSS1.1AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.34 views

Security Bulletin: IBM Security Network Protection is affected by OpenSSL vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)

Summary Security vulnerabilities have been discovered in OpenSSL used with IBM Security Network Protection. Vulnerability Details CVEID:CVE-2014-3569 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to properly handle attempts to use unsupported protocols by the...

5CVSS0.5AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.33 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3065)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVEID:CVE-2014-6512 DESCRIPTION:An...

6.9CVSS1.5AI score0.03422EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.76 views

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION: The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted,...

10CVSS0.9AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.43 views

Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)

Summary An OpenSSL and a Wget vulnerability have been discovered in IBM Security Network Protection. Vulnerability Details CVEID: CVE-2014-4877 DESCRIPTION: GNU Wget could allow a remote attacker to launch a symlink attack. Temporary files are created insecurely. A remote attacker could exploit...

9.3CVSS1.1AI score0.99999EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:21 p.m.42 views

Security Bulletin: TLS padding vulnerability affects IBM Security Network Protection (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive informatio...

4.3CVSS0.8AI score0.1372EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:20 p.m.19 views

Security Bulletin: IBM Security Network Protection is affected by Shell Command Injection vulnerability (CVE-2014-6183)

Summary A Shell Command Injection vulnerability has been discovered in IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-6183 Description: IBM Security Network Protection could allow a remote attacker to execute arbitrary commands on the system. An authenticated attacker cou...

4CVSS2AI score0.01786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:19 p.m.41 views

Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)

Summary Multiple security vulnerabilities have been discovered in OpenSSL version used by IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable to a denial of service, caused by a double-free error when handling DTLS packets. A remote...

5CVSS1.8AI score0.51436EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:18 p.m.33 views

Security Bulletin: IBM Security Network Protection System CPU Utilization (CVE-2014-0963)

Summary IBM Security Network Protection System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: IBM Security Network Protection System is affect...

7.1CVSS1.1AI score0.03077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:18 p.m.42 views

Security Bulletin: IBM Security Network Protection is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

7.4CVSS1.9AI score0.95326EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:18 p.m.33 views

Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)

Summary IBM Security Network Protection System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: IBM Security Network Protection System is affect...

7.1CVSS1.1AI score0.03077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:15 p.m.18 views

Security Bulletin: Security Network Protection is affected by a cross-site scripting vulnerability (CVE-2013-5442)

Summary IBM Security Network Protection is affected by a cross-site scripting vulnerability that could be used to impersonate a legitimate user, allowing the impersonator to alter user records, and to perform transactions as that user. Vulnerability Details The IBM Security Network Protection Loc...

4.3CVSS9AI score0.01788EPSS
Exploits0Affected Software1
Rows per page
Query Builder