Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/16 7:21 p.m.27 views

Security Bulletin: Vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework might affect IBM Storage Defender Copy Data Management.

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework. Vulnerabilities include an attacker and remote attacker could exploit these vulnerabilities to execute arbitrary code on the...

9.8CVSS8.8AI score0.32257EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.37 views

RHEL 7 : ibm_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - IBM JDK: unsafe deserialization flaw in the Object Request Broker ORB CVE-2022-40609 - IBM JDK: Object...

8.2AI score0.01827EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/06 4:53 p.m.49 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMWare Tanzu Spring Framework which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framewo...

9.8CVSS8.8AI score0.32257EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 3:31 p.m.65 views

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2022-40609)

Summary There was a vulnerability in IBM® Runtime Environment Java™ Version 7.1.5.18 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary...

9.8CVSS9AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 3:25 p.m.34 views

Security Bulletin: IBM SDK, Java Technology Edition, Security Update August 2023

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to August 2023. IBM 8 SR8 FP5 1.8.0371. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IB...

9.8CVSS9.2AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/25 9:25 p.m.37 views

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to arbitrary code execution due to an unsafe deserialization flaw (CVE-2022-40609).

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an attacker executing arbitrary code due to an unsafe deserialization flaw as described in the vulnerability details section. The vulnerability is fixed by applying an IBM i Group PTF for...

9.8CVSS9.1AI score0.01827EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/16 6:50 p.m.30 views

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java...

9.8CVSS8.9AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 11:5 p.m.46 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in XStream

Summary Multiple vulnerabilities in XStream that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2021-39145 DESCRIPTION: XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization...

8.8CVSS7.5AI score0.98124EPSS
Exploits17Affected Software1
CloudLinux
CloudLinux
added 2022/02/10 1:49 p.m.328 views

Fix of CVE: CVE-2022-23307, CVE-2022-23302

CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink...

9CVSS3.2AI score0.61785EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/02/07 1:43 p.m.54 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.10 security update

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.5AI score0.81147EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.157 views

RHEL 7 / 8 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2022:0436)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0436 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

9.8CVSS8.5AI score0.81147EPSS
Exploits10References12
RedHat Linux
RedHat Linux
added 2022/01/26 2:48 p.m.74 views

Important: Red Hat Security Advisory: parfait:0.5 security update

An update for the parfait:0.5 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.5AI score0.81147EPSS
Exploits10References6
AlmaLinux
AlmaLinux
added 2022/01/26 2:27 p.m.60 views

Important: parfait:0.5 security update

Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot PCP using the Memory Mapped Value MMV machinery for...

9.8CVSS10.3AI score0.81147EPSS
Exploits10References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/10 8:38 p.m.45 views

Security Bulletin: Vulnerabilities in XStream affect IBM Spectrum Protect Plus

Summary Multiple vulnerabilities in XStream, such as execution of arbitrary code, denial of service, and server-side request forgery, may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2021-39146 DESCRIPTION: XStream could allow a remote authenticated attacker to execute...

8.8CVSS8.8AI score0.98124EPSS
Exploits16Affected Software1
Rows per page
Query Builder