Lucene search
K

206 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:1 p.m.41 views

Security Bulletin: Vulnerabilities in netplex JSON Smart affect watsonx.data

Summary Netplex JSON Smart is vulnerable to a denial of service, caused by either a flaw in the indexOf function of JSONParserByteArray or by not limiting the nesting of arrays or objects. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is...

7.5CVSS8.3AI score0.023EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:0 p.m.30 views

Security Bulletin: Vulnerability in Guava affects IBM watsonx.data

Summary Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access...

3.3CVSS6.3AI score0.00964EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:0 p.m.21 views

Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01254EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:59 p.m.24 views

Security Bulletin: Vulnerability in pytest-dev py affects IBM watsonx.data

Summary pytest-dev py is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw by the InfoSvnCommand argument. By sending a specially-crafted regex info data, a remote attacker could exploit this vulnerability to cause a denial of service condition. This c...

7.5CVSS7.8AI score0.01546EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:58 p.m.27 views

Security Bulletin: Vulnerability in Apache Solr affects IBM watsonx.data

Summary Apache Solr could allow a remote attacker to bypass security restrictions, caused by improper access control by the Configsets API. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. This vulnerability can be exploited when...

9.8CVSS6.4AI score0.78874EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:57 p.m.26 views

Security Bulletin: Vulnerability in Google Guava affects IBM watsonx.data

Summary Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory for file creation in FileBackedOutputStream. By sending a specially crafted request, an attacker could exploit this vulnerability to acce...

7.1CVSS6.7AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:56 p.m.23 views

Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...

7.5CVSS7.7AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:55 p.m.27 views

Security Bulletin: Vulnerability in Protobuf-core affects IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for Message-Type Extensions. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to cause lo...

7.5CVSS8.2AI score0.00483EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:55 p.m.45 views

Security Bulletin: Vulnerabilities in Netty affect watsonx.data

Summary Netty has multiple vulnerabilities such as HTTP request smuggling, weaker than expected security, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the...

9.1CVSS9AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:54 p.m.26 views

Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data

Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:54 p.m.17 views

Security Bulletin: Vulnerability in Node.js affects IBM watsonx.data

Summary Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage of credentials when clearing authorization header during cross-domain redirect, but keeping the proxy-authentication header. An attacker could exploit this...

6.5CVSS6.7AI score0.01044EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:53 p.m.41 views

Security Bulletin: Vulnerabilities in Jettison affect IBM watsonx.data

Summary Jettison is vulerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-40150 DESCRIPTION: jettison-json Jettison is vulnerable to a denial of service, caused by an out of memory flaw. By sending a specially-crafted XML or JSON data, a remote...

7.5CVSS8.6AI score0.01395EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:52 p.m.22 views

Security Bulletin: Vulnerability in PyArrow Affects IBM watsonx.data

Summary PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system. This can affect IBM watsonx.data Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...

9.8CVSS9.6AI score0.14414EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:52 p.m.35 views

Security Bulletin: Vulnerability in Oracle MySQL Connectors Affects IBM watsonx.data

Summary An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause high confidentiality, integrity and availability impacts. This can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2023-22102 DESCRIPTION: An...

8.3CVSS8.2AI score0.00872EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:50 p.m.34 views

Security Bulletin: Vulnerabilityies in Google Guava affect IBM watsonx.data

Summary Google Guava has vulnerabilities that could allow a local authenticated attacker to obtain sensitive information, allow a remote authenticated attacker to bypass security restrictions and be vulnerable to demial of service attacks. This can affect watsonx.data. Vulnerability Details...

7.1CVSS7.9AI score0.05119EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:48 p.m.23 views

Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data

Summary Netty is vulnerable to a denial of service attcaks and could allow a local authenticated attacker to obtain sensitive information. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with...

6.5CVSS7.5AI score0.02459EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:46 p.m.41 views

Security Bulletin: Vulnerabilities in Apache ZooKeeper affect IBM watsonx.data

Summary Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information or allow a remote attacker to bypass security restrictions. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote...

9.1CVSS7.8AI score0.01713EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:0 p.m.13 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM watsonx.data

Summary Apache Tomcat is vulnerable to a denial of service, caused by a flaw when processing an HTTP/2 stream. By sending specially crafted HTTP headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect watsonx.data. Vulnerability Details...

7.5CVSS7.4AI score0.04602EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 6:0 p.m.9 views

Security Bulletin: Vulnerability in dnsjava affects IBM watsonx.data

Summary dnsjava could allow a remote attacker to bypass security restrictions, caused by improper response validation. By sending a specially crafted request, an attacker could exploit this vulnerability to perform DNSSEC bypass. This may affect watsonx.data. Vulnerability Details...

8.9CVSS8.7AI score0.00392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 5:59 p.m.19 views

Security Bulletin: Vulnerability in Gorilla Web Toolkit affects IBM watsonx.data

Summary Gorilla web toolkit schema is vulnerable to a denial of service, caused by a memory exhaustion flaw due to sparse slice deserialization. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...

7.5CVSS7.5AI score0.01105EPSS
Exploits0Affected Software1
Rows per page
Query Builder