Lucene search
K

206 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 12:42 p.m.19 views

Security Bulletin: Vulnerability in snappy-java affects watsonx.data

Summary snappy-java is vulnerable to denial of service attacks, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request,...

7.5CVSS6.8AI score0.01707EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 11:29 a.m.19 views

Security Bulletin: Vulnerability in expressjs serve-static affects watsonx.data

Summary expressjs serve-static is vulnerable to cross-site scripting, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-43800 DESCRIPTION: expressjs serve-static is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker...

5CVSS6.1AI score0.00595EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 11:26 a.m.8 views

Security Bulletin: Vulnerability in VMware Tanzu Spring Security affects watsonx.data

Summary VMware Tanzu Spring Security could allow a remote attacker to obtain sensitive information, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38810 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to obtain sensitive information, caused by missin...

7.5CVSS6.3AI score0.00432EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 11:11 a.m.8 views

Security Bulletin: Vulnerability in Psf Requests affects watsonx.data

Summary Psf Requests is vulnerable to bypass security restrictions, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect control flow implementation...

5.6CVSS6.2AI score0.0034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 11:8 a.m.30 views

Security Bulletin: Vulnerabilities in jQuery affect watsonx.data

Summary jQuery is vulnerable to cross site scripting attacks and to untrusted code execution attacks. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remot...

6.9CVSS6.9AI score0.99019EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 11:4 a.m.10 views

Security Bulletin: Vulnerabiity in Async Http Client affects watsonx.data

Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2017-14063 DESCRIPTION: Async Http Client aka async-http-client could allow a remote attacker to bypass security...

7.5CVSS6.5AI score0.03046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 7:2 a.m.12 views

Security Bulletin: Vulnerability in zipp affects watsonx.data

Summary zipp is vulnerable to a denial of service attack, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-5569 DESCRIPTION: zipp is vulnerable to a denial of service, caused by an infinite loop flaw in the Path module. By using a specially crafted zip file, a local attacker...

6.2CVSS6.2AI score0.00236EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/29 5:38 p.m.21 views

Security Bulletin: Vulnerabilities in zlib can affect watsonx.data

Summary zlib is vulnerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2016-9842 DESCRIPTION: zlib is vulnerable to a denial of service, caused by an undefined left shift of negative number. By persuading a victim to open a specially crafted documen...

8.8CVSS9.3AI score0.05161EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:9 p.m.45 views

Security Bulletin: Vulnerability in Python affects IBM watsonx.data

Summary Requests have been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify...

6.1CVSS7.2AI score0.02974EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:7 p.m.28 views

Security Bulletin: Vulnerabilities in gRPC affect watsonx.data

Summary gRPC is vulnerable to a denial of service attack as well as possibly allowing a remote attack to obtain sensitive information. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-1428 DESCRIPTION: gRPC is vulnerable to a denial of service. By sending a specially crafted...

7.5CVSS7.7AI score0.00502EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:7 p.m.48 views

Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data

Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...

8.8CVSS8.5AI score0.05106EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:6 p.m.41 views

Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data

Summary Netty is vulnerable to HTTP request smuggling and weaker than expected security. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...

9.1CVSS9.1AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:6 p.m.45 views

Security Bulletin: Vulnerabilities in FasterXML jackson-databind and other packages affect IBM watsonx.data

Summary FasterXML jackson-databind, multiple Huawei products, multiple Oracle products, Guava, Google Protocol Buffers, protobuf-core, Netty, JetBrains Kotlin, netplex JSON Smart, Jettison, Eclipse Jetty, SnakeYaml and Perl have vulnerabilities that can affect watsonx.data. Vulnerability Details...

10CVSS10AI score0.49727EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:5 p.m.20 views

Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:5 p.m.24 views

Security Bulletin: Vulnerability in Jettison affects IBM watsonx.data

Summary Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker could exploit this vulnerability to cause a denial of service. This can affect...

7.5CVSS8.3AI score0.01009EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:4 p.m.29 views

Security Bulletin: Vulnerabilities in Logback, Guava and Apache HTTPClient affect IBM watsonx.data

Summary Logback, Guava and Apache HTTPClient have vulnerabilties that can affect watsonx.data. These vulnerabilities include remote attacks to bypass security restrictions and remote authenticated attacker to execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2021-42550...

8.5CVSS8.2AI score0.08665EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:3 p.m.31 views

Security Bulletin: Vulnerability in Eclipse Jetty affects IBM watsonx.data

Summary Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and buffer allocation in MetaDataBuilder.checkSize. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...

7.5CVSS8.3AI score0.03754EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:3 p.m.40 views

Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to a denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...

7.5CVSS7.7AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:2 p.m.44 views

Security Bulletin: Vulnerability in RabbitMQ Java Client affects IBM watsonx.data

Summary RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLebgth. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a memory overflow, and results in a denial of service condition. This can affect...

7.5CVSS7.8AI score0.01061EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:2 p.m.22 views

Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data

Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software1
Rows per page
Query Builder