13216 matches found
Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server could provide weaker than expected security due to crypto.js (CVE-2020-36732)
Summary A vulnerability in crypto.js library affects IBM WebSphere Application Server Liberty with the openidConnectServer-1.0 feature enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this bulletin: Global Configuration Management,...
Security Bulletin: Multiple vulnerabilities reported in YAJSW service shipped in IBM WebSphere eXtreme Scale Liberty Deployment
Summary YAJSWYet Another Java Service Wrapper uses Apache Commons and Netty to manage services, launch and monitor application etc. WebSphere eXtreme Scale Liberty deployments, uses YAJSW to register services with the operating system. CVE-2025-27553, CVE-2025-30474 and CVE-2025-25193...
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7247893)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by a vulnerability as referenced in the 7247893 advisory. - Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has ...
Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Standard.
Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficien...
Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced.
Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these. Vulnerability Details CVEID:CVE-2025-36124 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through...
Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms.
Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms. An update to TXSeries for Multiplatforms has been released to address these. Vulnerability Details CVEID:CVE-2025-36000 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0....
Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-36097) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerab...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service (CVE-2025-36099)
Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a denial of service (CVE-2025-36099)
Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service (CVE-2025-36099)
Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...
Security Bulletin: IBM Rational® Application Developer for WebSphere® Software is vulnerable to a remote attack to take over Java SE
Summary IBM® SDK, Java™ Technology Edition, is used by IBM Rational® Application Developer for WebSphere® Software as the runtime and development kit. CVE-2025-50106 Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM...
Security Bulletin: WebSphere Application Server Liberty could allow a remote attacker to bypass security restrictions (CVE-2024-56339)
Summary WebSphere Application Server Liberty could allow a remote attacker to bypass security restrictions Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker ...
Security Bulletin:IBM WebSphere Application Server Liberty shipped with IBM OpenPages is vulnerable to multiple vulnerabilities
Summary IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages. Information about multiple vulnerabilities affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. These products have addressed the applicable CVEs. For a...
Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server could allow a remote attacker to bypass security restrcitions.
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server could allow a remote attacker to bypass security restrcitions. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-56339...
Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server are vulnerable to denial of service.
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server are vulnerable to denial of service.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-36099)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
EUVD-2000-0648
Malware in sbrugna...
EUVD-2021-16316
Malware in sbrugna...
EUVD-2013-2968
Malware in sbrugna...
EUVD-2014-6052
Malware in sbrugna...