Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerabilitiy [CVE-2023-20863]

Summary Potential VMware Tanzu Spring Framework denial of service vulnerabilitiy have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. CVE-2023-20863 Vulnerability Details...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Mozilla Network Security Services (NSS) arbitrary code execution vulnerability( CVE-2023-0767)

Summary Potential Mozilla Network Security Services NSS arbitrary code execution vulnerability CVE-2023-0767 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-0767 DESCRIPTION:...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple Freedesktop D-Bus denial of service vulnerability

Summary Potential Freedesktop D-Buss denial of service vulnerabilities has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-42010 DESCRIPTION: Freedesktop D-Bus is vulnerable to a...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js fast-csv modules denial of service vulnerability( CVE-2020-26256)

Summary Potential Node.js fast-csv modules denial of service vulnerability CVE-2020-26256 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2020-26256 DESCRIPTION: Node.js fast-csv...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Libksba abitrary code execution vulnerability( CVE-2022-47629)

Summary Potential Libksba abitrary code executionvulnerability CVE-2022-47629 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-47629 DESCRIPTION: Libksba could allow a remote...

Security Bulletin: Watson CP4D Data Stores is vulnerable to Golang Go to a denial of service (CVE-2022-1962)

Summary Potential Golang Go to a denial of service vulnerability CVE-2022-1962 has been identified that may affect Watson CP4D Data Stores Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-1962 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by ...

CVE-2022-43376

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVE-2022-43377

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVE-2022-43376

CVE-2022-43376 is a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric NetBotz NetBotz 4 series (versions 4.7.0 and prior; affected models include 355/450/455/550/570). The issue arises from improper neutralization of input during web page generation, enabling code and session mani...

CVE-2020-35514

An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShif...