Lucene search
K

370 matches found

NVD
NVD
added 2026/06/22 4:16 p.m.11 views

CVE-2026-7253

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

8.8CVSS0.002EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 3:21 p.m.22 views

CVE-2026-7253

CVE-2026-7253 summary: IBM Watson Speech Services Cartridge is affected by a Server-Side Request Forgery (SSRF) in Sterling File Gateway. Affected versions are 4.0.0–5.3.1. The root cause is SSRF allowing an authenticated attacker to issue unauthorized requests from the system, with potential net...

8.8CVSS5.8AI score0.002EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/22 3:21 p.m.10 views

EUVD-2026-38266

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.3CVSS5.8AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:21 p.m.35 views

CVE-2026-7253 IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.3CVSS0.002EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:51 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to privilege escalation in Sudo [CVE-2026-35535]

Summary IBM Watson Speech Services Cartridge is vulnerable to privilege escalation in Sudo, due to a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, which is not recognised as a fatal error and can lead to privilege escalation. CVE-2026-35535. Su...

7.8CVSS5.1AI score0.00173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:40 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a privilege validation bypass in Moby [CVE-2026-33997]

Summary IBM Watson Speech Services Cartridge is vulnerable to a privilege validation bypass in Moby, due to an error in the daemon's privilege comparison logic, which allows the daemon to incorrectly accept a privilege set that differs from the one approved by the user CVE-2026-33997. Moby is use...

8.4CVSS5.1AI score0.00387EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:35 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway [GHSA-rr7j-v2q5-chgv] [CVE-2026-7253]

Summary IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

8.8CVSS5.3AI score0.002EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:15 p.m.7 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in Cryptography [CVE-2026-34073] [CVE-2026-39892]

Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Certificate Validation and Improper Restriction of Operations within the Bounds of a Memory Buffer in Cryptography CVE-2026-34073 CVE-2026-39892. Cryptography is used in our speech runtimes. This vulnerabilitiy has been...

9.8CVSS5.6AI score0.00652EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 6:29 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go [CVE-2026-35469]

Summary IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go, caused by a flaw in SPDY/3 frame parser that does not validate attacker-controlled counts and lengths before allocating memory CVE-2026-35469. Spdystream Go is used in our speech utilities...

8.7CVSS5.2AI score0.00656EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 6:6 p.m.28 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

7.5CVSS6.6AI score0.00882EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:48 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a runtime panic condition in go-git [CVE-2026-33762]

Summary IBM Watson Speech Services Cartridge is vulnerable to a runtime panic condition in go-git, due to a flaw in the index decoder for format version 4 that fails to validate the path name prefix length before applying it to the previously decoded path name CVE-2026-33762. Go-git is used as pa...

2.8CVSS5.7AI score0.00153EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:46 p.m.19 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git [CVE-2026-34165]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git, due to a flaw which can allow a maliciously crafted .idx file to cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service DoS condition...

5CVSS7.1AI score0.00147EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:39 p.m.9 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Server-Side Request Forgery in LangChain [CVE-2026-26013]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Server-Side Request Forgery in LangChain, due to a faulty method that fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. CVE-2026-26013. LangChain is used in our speech runtime...

3.7CVSS5.9AI score0.00379EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:36 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to path-traversal in golang os module [CVE-2026-27139]

Summary IBM Watson Speech Services Cartridge is vulnerable to path-traversal in golang os module, due to ability of a FileInfo action to reference a file outside of the Root in which the File was opened. CVE-2026-27139. Golang os module is used in our speech utilities. This vulnerabilitiy has bee...

2.5CVSS7.3AI score0.00201EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:32 p.m.18 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]

Summary IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse, which may cause acceptance of some invalid URLs CVE-2026-25679. url.Parse is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation below...

7.5CVSS7.1AI score0.00728EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:21 p.m.14 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow [CVE-2026-40192]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Pillow, due to a failure to limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attack CVE-2026-40192. Pillow is used in our speech runtimes. Thi...

8.7CVSS7AI score0.00671EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:13 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a memory leak or buffer overflow in UltraJSON [CVE-2026-32874, CVE-2026-32875]

Summary IBM Watson Speech Services Cartridge is vulnerable to a memory leak or buffer overflow in UltraJSON due to multiple issues CVE-2026-32874, CVE-2026-32875. UltraJSON is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below...

7.5CVSS6AI score0.00479EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:0 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in ONNX [CVE-2026-27489]

Summary BM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in ONNX due to an issue in symlink that allows the package to read arbitrary files outside model or user-provided directory CVE-2026-27489. ONNX is used in our speech runtimes. This vulnerabilitiy has been...

8.7CVSS5.8AI score0.00593EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 2:56 p.m.10 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security control bypass in ONNX [CVE-2026-28500]

Summary IBM Watson Speech Services Cartridge is vulnerable to a security control bypass in onnx.hub.load due to improper logic in the repository trust verification mechanismCVE-2026-28500. ONNX is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for...

9.1CVSS5.6AI score0.00318EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 2:46 p.m.11 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments [CVE-2026-4539]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments, due to a flaw in function AdlLexer of the file pygments/lexers/archetype.py that results in inefficient regular expression complexity CVE-2026-4539. Pygments is used in our speech...

4.8CVSS5.3AI score0.00156EPSS
Exploits0Affected Software1
Rows per page
Query Builder