Lucene search
K
IbmMost viewed

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/02 7:54 p.m.•76 views

Security Bulletin: Information Disclosure and Denial of Service Vulnerabilities in the IBM Spectrum Protect Backup-Archive Client may affect IBM Spectrum Protect for Space Management (CVE-2022-22478, CVE-2022-22474)

Summary The IBM Spectrum Protect back-up archive client is vulnerable to information disclosure and denial of service vulnerabilities which may affect IBM Spectrum Protect for Space Management. Vulnerability Details CVEID:CVE-2022-22478 DESCRIPTION: IBM Spectrum Protect Client 8.1.0.0 through...

7.5CVSS6.3AI score0.0103EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/20 6:32 p.m.•76 views

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Summary Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak Vulnerability Details CVEID:CVE-2021-3121 DESCRIPTION: An unspecified error with the lack of certain index validation, aka the skippy peanut butter issue in GoGo Protobuf has an...

8.6CVSS9.4AI score0.51733EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/20 12:54 a.m.•76 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Directors and switches (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco MDS Directors and switches. IBM Cisco MDS Directors and switches has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a...

7.5CVSS7.3AI score0.44016EPSS
Exploits1Affected Software10
IBM Security Bulletins
IBM Security Bulletins
•added 2022/07/25 7:50 a.m.•76 views

Security Bulletin: IBM Common Licensing is vulnerable by a remote code attack in Spring Framework and Apache Commons(CVE-2022-22970,CVE-2022-22971,CVE-2022-33980)

Summary IBM Common Licensing is vulnerable to a remote code execution in Spring Framework CVE-2022-22970,CVE-2022-22971 as it does have Spring Framework versions 5.3.0 to 5.3.20, 5.2.0 to 5.2.22, and older versions. IBM Common Licensing is vulnerable to a remote code execution in Apache Commons...

9.8CVSS8.9AI score0.42646EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/07/11 4:0 p.m.•76 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Guava, Red Hat Single Sign-On, Springfox and Spring Security could allow a remote attacker to bypass security restrictions...

9.8CVSS0.9AI score0.99677EPSS
Exploits119Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/14 10:23 p.m.•76 views

Security Bulletin: Multiple Security Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM OpenPages with Watson (CVE-2021-45105, CVE-2021-44832)

Summary IBM WebSphere Application Server is shipped as a component of IBM OpenPages with Watson. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

8.5CVSS2.7AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/02/23 7:48 p.m.•76 views

Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Intrusion Prevention System (CVE-2014-3565)

Summary The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP.One security vulnerability has been discovered in net-snmp used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-3565 DESCRIPTION: Net-SNMP...

5CVSS8.3AI score0.04619EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/11/08 2:32 p.m.•76 views

Security Bulletin: IBM Safer Payments v5.7 to v6.3 releases are affected by an OpenSSL Security Advisory (CVE-2021-3711)

Summary IBM Safer Payments v5.7, v6.0, v6.1, v6.2, v6.3 are affected by an OpenSSL Security Advisory. IBM Safer Payments has resolved this vulnerability. Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the...

9.8CVSS9.9AI score0.87816EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/09/15 12:53 p.m.•76 views

Security Bulletin: IBM has released AIX and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following fixes for AIX and VIOS in response to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5715 CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 iFixes released on August 17, 2018: Updated AIX and VIOS fixes for CVE-2017-5715, know...

5.6CVSS0.93838EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/11/19 9:27 p.m.•76 views

Security Bulletin: Vulnerability CVE-2020-4788 in the IBM Power9 processor affects IBM i

Summary The IBM Power9 processor is used on IBM i. IBM i has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-4788 DESCRIPTION: IBM Power9 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. CVSS Bas...

5.1CVSS1AI score0.00387EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/02/05 12:9 a.m.•76 views

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790)

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM SDK for Node.js for the Cordova tools in Rational Application Developer fo...

7.5CVSS1AI score0.9986EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/01/30 8:35 a.m.•76 views

Security Bulletin: Flex System Integrated Management Module 2 (IMM2) is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL. Content Vulnerability Details: CVE ID: CVE-2014-0160 Description: OpenSSL could allow a remote attacker to obtain sensitive information, cause...

7.5CVSS0.5AI score0.99999EPSS
Exploits88
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 2:50 p.m.•76 views

Security Bulletin: IBM Tivoli Workload Scheduler (CVE-2014-6271, CVE-2014-7169)

Summary IBM Tivoli Workload Scheduler is not vulnerable to CVE-2014-6271 or CVE-2014-7169 Bash vulnerability as shipped out of the box, but action could be required because Tivoli Workload Scheduler installation on AIX through Launchpad requires bash. Vulnerability Details CVE-2014-6271 and...

10CVSS0.6AI score0.99999EPSS
Exploits140Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 10:5 p.m.•76 views

Security Bulletin: IBM Security Access Manager Appliance is affected by OpenSSH vulnerabilities

Summary IBM Security Access Manager Appliance has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2016-10011 DESCRIPTION: OpenSSH could allow a local authenticated attacker to obtain sensitive information, caused by a privilege separation flaw. An attacker could exploit...

7.8CVSS1.1AI score0.88944EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 9:41 p.m.•76 views

Security Bulletin: Security Vulnerabilities in OpenSSL, glibc, gcc, Net-SNMP, and OpenSSH affect IBM Security Proventia Network Enterprise Scanner

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Proventia Network Enterprise Scanner. This bulletin addresses the applicable CVEs as well as other CVEs related to glibc, gcc, Net-SNMP, and OpenSSH. CVE-2015-5600,...

8.5CVSS0.8AI score0.83645EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 9:25 p.m.•76 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain...

4.3CVSS1.2AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 9:22 p.m.•76 views

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION: The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted,...

10CVSS0.9AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/29 2:10 a.m.•75 views

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)

Summary IBM Rational Build Forge version 8.0.x is affected by CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452 Vulnerability Details CVEID:CVE-2021-31618 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of...

7.5CVSS7.8AI score0.65067EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/15 3:6 a.m.•75 views

Security Bulletin: IBM Concert Software is vulnerable to multiple issues

Summary IBM Concert Software uses multiple open source libraries which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2024-3154 DESCRIPTION: CRI-O could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an arbitrary...

9.8CVSS9.8AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/15 2:27 a.m.•75 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2019-13224 DESCRIPTION: oniguruma is vulnerable to a denial of service, caused by ...

9.8CVSS9.6AI score0.27095EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/03/26 2:40 a.m.•75 views

Security Bulletin: Security vulnerability is addressed with IBM Cloud Pak for Business Automation iFixes for November 2022

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF015 and 22.0.1-IF005. Vulnerability Details CVEID:CVE-2022-41735 DESCRIPTION: IBM Business Process Manager 21.0.1 throug...

8.2CVSS10AI score0.19653EPSS
Exploits5Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/01/28 10:8 p.m.•75 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack due to jsonpath-plus (CVE-2024-21534)

Summary IBM App Connect Enterprise Connector Discovery is vulnerable to a remote attack due to jsonpath-plus. Vulnerability Details CVEID:CVE-2024-21534 DESCRIPTION: Jsonpath-plus could allow a remote attacker to execute arbitrary code on the system, caused by improper input sanitization and unsa...

9.8CVSS7.3AI score0.09076EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/11/11 2:16 p.m.•75 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2024-21147, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, CVE-2023-50314 Vulnerability Details Refer to the security bulletins...

7.5CVSS9.8AI score0.01257EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/04/04 5:46 p.m.•75 views

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a machine-in-the-middle attack due to Apache MINA SSHD (CVE-2023-48795)

Summary Apache MINA SSHD is shipped with IBM Tivoli Netcool Impact as part of the Command Line Manager service. Information about a security vulnerability affecting Apache MINA SSHD has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: OpenSSH is...

5.9CVSS6.5AI score0.9378EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/03/28 4:4 p.m.•75 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow...

7.5CVSS7.2AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/03/28 3:34 p.m.•75 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. IBM Planning Analytics Workspace 2.0 Release 94 has addressed the applicable CVEs by upgrading or removing the vulnerable libraries. Please refer to the table in the...

10CVSS9.3AI score0.99999EPSS
Exploits22Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2024/03/15 1:50 p.m.•75 views

Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Puma and Amazon Ion.

Summary Vulnerabilities in Puma and Amazon Ion were remediated in IBM Observability with Instana build 266. Vulnerability Details CVEID:CVE-2024-21647 DESCRIPTION: Puma is vulnerable to a denial of service, caused by incorrect behavior when parsing chunked transfer encoding bodies. By sending a...

7.5CVSS7.2AI score0.00958EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/02/05 6:51 p.m.•75 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...

10CVSS9.5AI score0.99999EPSS
Exploits25Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/12/07 10:45 p.m.•75 views

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerabilities in OpenSSH

Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerabilities in OpenSSH. Vulnerability Details CVEID: CVE-2018-15473 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by different responses to valid and invalid authenticatio...

7.8CVSS1.4AI score0.98631EPSS
Exploits26Affected Software3
IBM Security Bulletins
IBM Security Bulletins
•added 2023/11/15 1:42 p.m.•75 views

Security Bulletin: IBM Storage Protect Client and IBM Storage Protect for Space Management are vulnerable to denial of service due to CVEs in XStream (woodstox) (CVE-2022-40151, CVE-2022-40152)

Summary IBM Storage Protect Client and IBM Storage Protect for Space Management can be affected by security flaws in XStream woodstox. The flaws can lead to denial of service, as described in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-40152 DESCRIPTION: XStream is...

7.5CVSS7.9AI score0.19653EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/07/24 8:57 p.m.•75 views

Security Bulletin: Google Guava is vulnerable to CVE-2023-2976 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Google Guava which is vulnerable to CVE-2023-2976. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's defau...

7.1CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/07/20 3:15 p.m.•75 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to security restrictions bypass due to [CVE-2022-32221], [CVE-2023-27533], [CVE-2023-28322]

Summary cURL is present in the IBM App Connect Enterprise Certified Container Dashboard operand image. cURL is vulnerable to security restrictions bypass. This bulletin provides patch information to address the reported vulnerability in cURL. CVE-2022-32221, CVE-2023-27533, CVE-2023-28322...

9.8CVSS7.1AI score0.04325EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/06/06 9:17 p.m.•75 views

Security Bulletin: tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911 CVE-2022-41907 CVE-2022-41908 CVE-2022-41896 CVE-2022-41891 CVE-2022-41894 CVE-2022-41884 IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911, CVE-2022-41907, CVE-2022-41908, CVE-2022-41896, CVE-2022-41891, CVE-2022-41894, CVE-2022-41884, CVE-2022-41898, CVE-2022-41888, CVE-2022-41897, CVE-2022-41880, CVE-2022-41889,...

9.8CVSS8AI score0.00579EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/03/23 10:37 p.m.•75 views

Security Bulletin: Multiple vulnerabilities in IBM Content Navigator may affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow embeds a version of IBM Content Navigator that is vulnerable to denial of service attacks and missing authorization. Vulnerability Details CVEID:CVE-2022-40151 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer...

8.8CVSS7.6AI score0.19653EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/02/18 1:45 a.m.•75 views

Security Bulletin: Vulnerabilities in Network Security Services (NSS) affect the IBM FlashSystem models 840 and 900 (CVE-2016-1978)

Summary There is a vulnerability in open source Network Security Services NSS to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote attacker to execute arbitrary code on the vulnerable system or cause a denial of service...

7.5CVSS8.3AI score0.02386EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/01/31 1:55 p.m.•75 views

Security Bulletin: A vulnerability in the IBM Java Runtime affects IBM Rational ClearCase (CVE-2022-21626)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in Oct 2022 - Includes Oracle October 2022 CPU Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION:...

5.3CVSS5.9AI score0.01746EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/22 5:9 p.m.•75 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by...

6.5CVSS6.6AI score0.03566EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/06 11:55 p.m.•75 views

Security Bulletin: IBM Content Navigator eFormPlugin is vulnerable to a denial of service attack (CVE-2022-40159, CVE-2022-40160)

Summary IBM Content Navigator eFormPlugin is vulnerable to a DoS attack. IBM Content Navigator has addressed the vulnerability as described below. CVE-2022-40159, CVE-2022-40160. Vulnerability Details CVEID: CVE-2022-40159 DESCRIPTION: JXPath is vulnerable to a denial of service, caused by a...

6.5CVSS7.3AI score0.01188EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/11/22 9:43 a.m.•75 views

Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)

Summary Prior to version 1.22.0 vulnerability in Apache Calcite Avatica allow a remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-36364 DESCRIPTION: Apache Calcite Avatica could allow a remote attacker to execute arbitrary code on t...

8.8CVSS8.9AI score0.02276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/26 4:23 a.m.•75 views

Security Bulletin: Storwize V7000 Unified V1.4.1.0 Includes Fixes for Multiple Vendor Security Vulnerabilities

Abstract Storwize V7000 Unified includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- IBM| TSM 6.3.1.0| Two unauthorized...

10CVSS8.7AI score0.48298EPSS
Exploits28Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/25 10:39 p.m.•75 views

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5

Abstract Cross reference list for security vulnernabilities fixed in IBM WebSphere Appplication Server Fix Pack 8.5.5 Content VULNERABILITY DETAILS: CVE ID:CVE-2013-0482 PM76582 DESCRIPTION: The WebSphere Application Server JAX-WS Web Services Security WS-Security run time could allow a network...

7.8CVSS7.9AI score0.35584EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/17 12:4 p.m.•75 views

Security Bulletin: Vulnerabilities in libcurl may affect IBM Spectrum Protect Plus (CVE-2021-22946, CVE-2022-27782, CVE-2022-27774, CVE-2022-22576, CVE-2021-22947, CVE-2022-27776)

Summary Vulnerabilities in libcurl such as bypassing security restrictions, obtaining sensitive information, and man-in-the-middle attacks may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID:CVE-2021-22946 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive...

8.1CVSS7.5AI score0.04224EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/15 9:35 p.m.•75 views

Security Bulletin: Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with IBM Cloud Pak System

Summary Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-46143 DESCRIPTION: Expat could allow a remote attacker to execute arbitrary code on the system,...

9.8CVSS10AI score0.97108EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/08 3:42 p.m.•75 views

Security Bulletin: Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, that is used by IBM Workload Scheduler.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, that is used by IBM Workload Scheduler. This issue was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35586 DESCRIPTION: An unspecified vulnerability in Java SE relat...

9.8CVSS8.1AI score0.14839EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/08 8:16 a.m.•75 views

Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities

Summary Apache HTTP Server provides HTTP services for SiteProtector. IBM Security SiteProtector System has addressed the following vulnerabilities in an express update CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813 and CVE-2022-30556 : Vulnerability Details...

9.8CVSS8.9AI score0.19008EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/30 6:55 a.m.•75 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.8CVSS0.8AI score0.19008EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/14 3:48 p.m.•75 views

Security Bulletin: Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID: CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the...

9.8CVSS8.1AI score0.30367EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/10 4:27 p.m.•75 views

Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service, due to OpenSSL (CVE-2022-0778)

Summary IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service, due to OpenSSL CVE-2022-0778. This affects the version of node.js and DataDirect ODBC driver shipped with IBM App Connect Enterprise and IBM Integration Bus. The fix includes OpenSSL 1.1.1n Vulnerabili...

7.5CVSS1.7AI score0.70561EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/01 3:37 p.m.•75 views

Security Bulletin: IBM Informix Dynamic Server is affected to denial of service due to FasterXML jackson-databind (CVE-2020-36518)

Summary There is a denial of service vulnerability in FasterXML jackson-databind CVE-2020-36518 open source library included in IBM Informix Dynamic Server for IBM InformixHQ. FasterXML jackson-databind 2.13.2.2 resolves the vulnerability. Vulnerability Details CVEID: CVE-2020-36518 DESCRIPTION:...

7.5CVSS8AI score0.0486EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/05/23 4:47 p.m.•75 views

Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager

Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9.8CVSS2.5AI score0.30367EPSS
Exploits1Affected Software1
Total number of security vulnerabilities5000