Lucene search
+L

337 matches found

Vulnrichment
Vulnrichment
added 2025/07/07 4:15 p.m.6 views

CVE-2025-36014 IBM Integration Bus for z/OS code injection

IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...

8.2CVSS7.3AI score0.00217EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/07 4:15 p.m.16 views

CVE-2025-36014 IBM Integration Bus for z/OS code injection

IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...

8.2CVSS0.00217EPSS
Exploits0References1
CVE
CVE
added 2025/07/07 4:15 p.m.37 views

CVE-2025-36014

CVE-2025-36014 affects IBM Integration Bus for z/OS, versions 10.1.0.0–10.1.0.5. The issue is a code injection vulnerability that can be exploited by a privileged user with access to the IIB install directory. The IBM bulletin identifies CWE-94 (Code Injection) and provides a CVSS v3.1 vector of ...

8.2CVSS6.7AI score0.00217EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 12:11 p.m.6 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to a privilege escalation attack ( CVE-2025-36014 )

Summary IBM Integration Bus for z/OS is vulnerable to a privilege escalation attack. Vulnerability Details CVEID:CVE-2025-36014 DESCRIPTION: IBM App Connect Enterprise Integration Bus is vulnerable to code injection by a privileged user with access to the IIB install directory. CWE:CWE-94: Improp...

8.2CVSS7.6AI score0.00217EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.7 views

IBM Integration Bus for z/OS 代码注入漏洞

IBM Integration Bus for z/OS is an enterprise service bus product from International Business Machines IBM that runs on z/OS systems. A code injection vulnerability exists in IBM Integration Bus for z/OS versions 10.1.0.0 through 10.1.0.5, which originates from privileged user executable code...

8.2CVSS7.2AI score0.00217EPSS
Exploits0References3
CNVD
CNVD
added 2025/06/11 12:0 a.m.8 views

IBM Db2 Denial of Service Vulnerability (CNVD-2025-12295)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

7.5CVSS6.5AI score0.00283EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/09 11:53 a.m.8 views

Security Bulletin: IBM Java: Two OpenJ9 internal ASCII to EBCDIC string wrapper vulnerabilities on z/OS (CVE-2025-1470,CVE-2025-1471,CWE-787)

Summary IBM Java: Two OpenJ9 internal ASCII to EBCDIC string wrapper vulnerabilities on z/OS CVE-2025-1470,CVE-2025-1471,CWE-787 Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities...

7.8CVSS8.2AI score0.00173EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a Resource Management Error vulnerability that stems from improper allocation of C...

6.5CVSS6.7AI score0.00303EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 12:38 p.m.4 views

CVE-2010-1182

Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server WAS 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors...

7.5CVSS6.9AI score0.01607EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/21 5:9 a.m.17 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to Incomplete Cleanup and Improper Encoding or Escaping of Output due to Apache Tomcat (CVE-2025-31650 & CVE-2025-31651)

Summary IBM Integration Bus for z/OS is vulnerable to Incomplete Cleanup and Improper Encoding or Escaping of Output due to Apache Tomcat. Vulnerability Details CVEID:CVE-2025-31650 DESCRIPTION: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HT...

9.8CVSS7.2AI score0.66933EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 2:28 p.m.24 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to NULL Pointer Dereference and Out-of-bounds Write due to IBM Java ( CVE-2025-1470 & CVE-2025-1471)

Summary IBM Integration Bus for z/OS runtime is vulnerable to NULL Pointer Dereference and Out-of-bounds Write due to IBM Java. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities...

7.8CVSS6.6AI score0.00173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 9:16 a.m.15 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM Java: Two OpenJ9 internal ASCII to EBCDIC string wrapper has vulnerabilities on z/OS (CVE-2025-1470, CVE-2025-1471)

Summary IBM WebSphere Application Server is vulnerable to server-side request forgery. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Test Management, IBM Engineering Lifecycle Optimization -...

7.8CVSS6.3AI score0.00173EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/05/05 9:15 p.m.15 views

CVE-2025-1000

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting...

6.5CVSS0.00315EPSS
Exploits0References2
OSV
OSV
added 2025/05/05 9:15 p.m.4 views

CVE-2025-1000

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/05 8:55 p.m.13 views

CVE-2025-1000 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting...

5.3CVSS6.6AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/05 8:55 p.m.25 views

CVE-2025-1000 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting...

5.3CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2025/05/05 8:55 p.m.76 views

CVE-2025-1000

CVE-2025-1000 (IBM Db2) affects IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0–11.5.9 and 12.1.0–12.1.1. An authenticated user can cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting. The IBM security bullet...

6.5CVSS6.8AI score0.00315EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.7 views

PT-2025-19799 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 12.1.0 through 12.1.1 Description: The issue allows an authenticated user ...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:18 a.m.27 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to memory leaking, segmentation fault or heap-use-after-free due to Eclipse Mosquitto (CVE-2024-8376)

Summary IBM Integration Bus for z/OS is vulnerable to memory leaking, segmentation fault or heap-use-after-free due to Eclipse Mosquitto. Vulnerability Details CVEID:CVE-2024-8376 DESCRIPTION: In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault o...

7.5CVSS7.4AI score0.00743EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/02/21 10:15 a.m.12 views

CVE-2025-1470

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning i...

5.5CVSS0.00165EPSS
Exploits0References3
Rows per page
Query Builder