Lucene search
K
IbmMost viewed

35598 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2023/02/02 4:36 p.m.•69 views

Security Bulletin: IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint has addressed multiple security vulnerabilities (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)

Summary This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Aspera High-Speed Transfer Server 4.4.1 and Aspera High-Speed Transfer Endpoint 4.4.1 Vulnerability Details CVEID:CVE-2022-27774 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain...

7.5CVSS7.3AI score0.03425EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/01/17 9:58 a.m.•69 views

Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2021-22939, CVE-2021-22931, CVE-2020-7598)

Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilites CVE-2021-22939, CVE-2021-22931, CVE-2020-7598 which allowed a remote attacker to exploit this vulnerability to add or modify properties of Object.prototype, connect to servers using an expired...

9.8CVSS7.9AI score0.21952EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/01/12 9:59 p.m.•69 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim (CVE-2022-1621)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim CVE-2022-1621 caused by improper bounds checking in the vimstrncpy findword component. Vim is used as part of the base image included in our service components. Please read...

7.8CVSS8AI score0.02303EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/01/06 9:23 p.m.•69 views

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Apache Commons is used by IBM Robotic Process Automation as part of the Watson NLP functionality CVE-2022-42889. Connect2id Nimbus JOSE+JWT is used by IBM Robotic Process Automation as part of the...

6.8CVSS9.9AI score0.99931EPSS
Exploits56Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/30 10:56 a.m.•69 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial ...

6.8CVSS9.2AI score0.1593EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/05 7:0 p.m.•69 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple Node.js vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple Node.js vulnerabilities. Vulnerability Details CVEID:CVE-2021-22931 DESCRIPTION: Node.js could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit...

9.8CVSS9.4AI score0.37286EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/11/17 8:48 a.m.•69 views

Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by multiple vulnerabilities in libcurl (CVE-2022-42915, CVE-2022-42916, CVE-2022-32221)

Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2022-42915 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a double-free flaw in the error/cleanup...

9.8CVSS9AI score0.04325EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/11/08 4:20 p.m.•69 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2021-31805 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a double evaluation of tag attributes. By forcing OGNL evaluation of...

9.8CVSS7.9AI score0.85315EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/11/02 12:47 p.m.•69 views

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8

Summary Multiple vulnerabilities were found with IBM® Runtime Environment Java™ Technology Edition, Version 8 which is shipped with IBM MQ and used for Java & JMS client, AMQP, MQTT, MFT & MQIPT functionality. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in...

5.3CVSS6.2AI score0.06468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/26 3:31 a.m.•69 views

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.1

Abstract Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 8.5.5.1 Content The following vulnerabilities have been fixed in IBM WebSphere Application Server Fix Pack 8.5.5.1 VULNERABILITY DETAILS: CVE ID:CVE-2013-0460PM72275 DESCRIPTION: WebSpher...

6.8CVSS8.8AI score0.29484EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/09/14 5:37 p.m.•69 views

Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)

Summary Apache Struts is used by IBM Call Center as part of its web application framework used for creating Java EE web applications. It is vulnerable to various CVEs, listed below. We recommend upgrading to the latest supported version of Struts that was released as part of the latest FixPack 12...

10CVSS10AI score0.99998EPSS
Exploits122Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/08/11 9:14 a.m.•69 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for July 2022

Summary In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF011 and 22.0.1-IF001. Vulnerability Details CVEID:CVE-2022-33987 DESCRIPTION: Node.js got module could allow a remote attacker to...

9.8CVSS9.3AI score0.70561EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/06/13 5:56 p.m.•69 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2022 CPU plus deferred CVE-2022-21299

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere...

5.3CVSS0.6AI score0.03458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/05/17 5:53 a.m.•69 views

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

Summary IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL Vulnerability Details CVEID: CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing certificates. By...

7.5CVSS1AI score0.70561EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/05/10 11:16 p.m.•69 views

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2021-41035 DESCRIPTION:...

9.8CVSS1.8AI score0.14839EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/04/20 8:52 a.m.•69 views

Security Bulletin: Vulnerability in Linux Kernel affects IBM Integrated Analytics System.

Summary Linux Kernel used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVECVE-2020-27777 . Vulnerability Details CVEID: CVE-2020-27777 DESCRIPTION: Linux Kernel for PowerPC could allow a local authenticated attacker to bypass security...

7.2CVSS1.6AI score0.00501EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/02/22 11:54 a.m.•69 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections. Vulnerability Details CVEID: CVE-2021-35560...

9.8CVSS7.1AI score0.06886EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/12/23 3:27 a.m.•69 views

Security Bulletin: IBM QRadar Network Security is NOT Affected by CVE-2021-4104, CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105 exploits

Summary IBM QRadar Network Security is NOT Affected by CVE-2021-4104, CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105 exploits. IBM QRadar Network Security uses WebSphere Liberty as application server. Liberty package contains log4j binaries, however they are not used by Liberty & IBM QRadar...

10CVSS0.8AI score0.99999EPSS
Exploits356Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/04/19 9:45 p.m.•69 views

Security Bulletin: Resilient is vulnerable to Using Components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-0232 DESCRIPTION: When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to...

9.8CVSS0.99652EPSS
Exploits27Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/04/07 6:20 p.m.•69 views

Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-14803, CVE-2020-27221

Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-14803, CVE-2020-27221. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to obtain sensitive information resulting in a low...

9.8CVSS1.6AI score0.03122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/04/01 8:53 p.m.•69 views

Security Bulletin: Multiple vulnerabilities in Kubernetes affect IBM InfoSphere Information Server

Summary Muiltiple vulnerabilities in Kubernetes that is used by IBM InfoSphere Information Server are addressed. Vulnerability Details CVEID: CVE-2020-8557 DESCRIPTION: Kubernetes kubelet is vulnerable to a denial of service, caused by an issue with not including the /etc/hostsfile file by the...

8.8CVSS0.5AI score0.061EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/08/07 11:11 a.m.•69 views

Security Bulletin: Version 10.19.0 of Node.js included in IBM Netcool Operations Insight 1.6.0.x has several security vulnerabilities

Summary Security Bulletin: Version 10.19.0 of Node.js included in IBM Netcool Operations Insight 1.6.0.x has several security vulnerabilities Vulnerability Details CVEID: CVE-2020-8172 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions. The 'session' event could be...

9.3CVSS1.5AI score0.07646EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/07/24 10:19 p.m.•69 views

Security Bulletin: Vulnerability in Apache ActiveMQ affects IBM Control Center (CVE-2018-11775)

Summary Apache ActiveMQ Client could allow a remote attacker to conduct a man-in-the-middle attack, caused by a missing TLS hostname verification. An attacker could exploit this vulnerability to launch a man-in-the-middle attack between a Java application using the ActiveMQ client and the ActiveM...

7.4CVSS1.7AI score0.0699EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/04/01 12:35 a.m.•69 views

Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

Summary There are multiple security vulnerabilities in the Linux Kernel that affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-19252 DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the...

9.3CVSS1.5AI score0.06236EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/06/03 4:15 p.m.•69 views

Security Bulletin: Security vulnerabilities have been identified in IBM Java Runtime and the microcode shipped with the DS8000 Hardware Management Console (HMC)

Summary The updates indicated below have been released to address the following vulnerabilities: CVE-2018-1111 - Vulnerability in the NetworkManager integration script CVE-2018-2783 - IBM Java Runtime vulnerability CVE-2018-2790 - IBM Java Runtime vulnerability CVE-2018-5391 - Improper handling o...

7.9CVSS1.1AI score0.94457EPSS
Exploits14Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2019/03/06 8:5 p.m.•69 views

Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution and speculative execution o...

7.8CVSS0.9AI score0.60631EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/03/04 5:55 a.m.•69 views

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-18710 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by improper bounds checking in...

5.5CVSS0.6AI score0.00501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/01/31 2:25 a.m.•69 views

Security Bulletin: Vulnerability in Linux Kernel affects IBM RackSwitch Products (CVE-2017-6214)

Summary IBM RackSwitch Products have addressed the following vulnerability in Linux Kernel. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerability in Linux Kernel. Vulnerability Details: CVEID: CVE-2017-6214 Description: Linux Kernel is vulnerable to a...

7.5CVSS1.1AI score0.04666EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
•added 2018/07/10 8:34 a.m.•69 views

Security Bulletin: Vulnerabilities in cURL component shipped with IBM Rational ClearCase (CVE-2016-8624, CVE-2016-8625)

Summary IBM Rational ClearCase is affected by cURL/libcURL access restriction bypass and network host spoofing vulnerabilities. Vulnerability Details CVEID: CVE-2016-8624 DESCRIPTION: cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to parse the...

7.5CVSS1.1AI score0.05915EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/18 12:8 a.m.•69 views

Security Bulletin: OpenSSL vulnerability in IBM Storwize V7000 Unified (CVE-2014-0224)

Summary Security vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2014-0224 DESCRIPTION: SSL/TLS MITM vulnerability An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a...

7.4CVSS1.2AI score0.95326EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 3:15 p.m.•69 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM MessageSight. IBM MessageSight has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NUL...

7.5CVSS1.2AI score0.44016EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 3:12 p.m.•69 views

Security Bulletin: GNU C library (glibc) vulnerability affects IBM MessageSight (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM MessageSight. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but valid...

10CVSS1AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 9:45 p.m.•69 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSL (CVE-2016-0797, CVE-2016-0705)

Summary Vulnerabilities in OpenSSL affect IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to...

10CVSS1.9AI score0.27022EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/08/18 2:17 p.m.•68 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-22365 DESCRIPTION: Linux-pam is vulnerable to a denial of service, caused by ...

8.4CVSS9.7AI score0.00887EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/29 2:23 a.m.•68 views

Security Bulletin: IBM Robotic Process Automation is vulnerable to an information disclosure (CVE-2022-22334)

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to an information disclosure CVE-2022-22334 Vulnerability Details CVEID:CVE-2022-22334 DESCRIPTION: IBM Robotic Process Automation could allow a user to access information from a tenant of which they should not have access...

4.3CVSS4.3AI score0.00407EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/15 2:37 a.m.•68 views

Security Bulletin: IBM Operational Decision Manager for April 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2014-0114...

9.8CVSS9.9AI score0.95821EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/12/11 6:44 p.m.•68 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-23454 DESCRIPTION: Apache Hadoop could allow a local authenticated attacker t...

9.8CVSS9AI score0.99999EPSS
Exploits24Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/07/25 4:14 p.m.•68 views

Security Bulletin: Multiple Vulnerabilities in IBM WebSphere Application Server Liberty affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Summary Multiple Vulnerabilities in IBM WebSphere Application Server Liberty affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. These fixes resolve the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-27268 DESCRIPTION: IBM WebSphere...

7.5CVSS6.9AI score0.01278EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/06/26 10:30 p.m.•68 views

Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.

Summary IBM MQ Appliance has addressed multiple open source vulnerabilities CVE-2020-12762, CVE-2021-33631, CVE-2023-6931, CVE-2024-1086. Vulnerability Details CVEID:CVE-2020-12762 DESCRIPTION: json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer...

7.8CVSS8.6AI score0.28058EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/06/05 4:4 p.m.•68 views

Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND

Summary UPDATED: Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details...

7.5CVSS8.1AI score0.99995EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2024/04/25 5:15 a.m.•68 views

Security Bulletin: IBM Security Verify Governance - Containerized Identity Manager has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in the latest update to IBM Security Verify Governance - Containerized Identity Manager. Vulnerability Details CVEID:CVE-2018-6561 DESCRIPTION: Dojo Toolkit is vulnerable to cross-site scripting in dijit.Editor, caused by improper...

9.8CVSS9.7AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/12/07 10:45 p.m.•68 views

Security Bulletin: IBM RackSwitch firmware products are affected by a vulnerability in the Kernel (CVE-2020-12464)

Summary IBM RackSwitch firmware products have addressed the following Kernel vulnerability. Vulnerability Details CVEID: CVE-2020-12464 DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the usbsgcancel function in...

7.2CVSS2.2AI score0.00802EPSS
Exploits1Affected Software9
IBM Security Bulletins
IBM Security Bulletins
•added 2023/10/25 8:19 p.m.•68 views

Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to the included Apache HTTP Server (CVE-2023-31122)

Summary IBM HTTP Server is vulnerable to information disclosure when using the modmacro module due to the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2023-31122 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an out-of-boun...

7.5CVSS7.4AI score0.02978EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/09/15 5:44 a.m.•68 views

Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Application Performance Management products

Summary Multiple vulnerabilities in jackson-databind-2 used by IBM Application Performance Management. The vulnerabilites below have been addressed. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based...

10CVSS10AI score0.49727EPSS
Exploits35Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/09/12 7:10 p.m.•68 views

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Python is used by IBM Robotic Process Automation for Cloud Pak as part of Watson NLP and WebSphere Liberty CVE-2020-10735, CVE-2022-45061. LibTiff is used by IBM Robotic Process Automation for Cloud Pak as part of .NET Core and Watson NLP CVE-2022-3627, CVE-2022-3970. cURL libcurl is used...

9.8CVSS9.3AI score0.03776EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/09/05 12:55 p.m.•68 views

Security Bulletin: Vulnerabilities found in poi-3.9.jar, poi-scratchpad-3.9.jar which is shipped with IBM® Intelligent Operations Center(CVE-2017-12626, CVE-2014-9527)

Summary Multiple vulnerabilities have been identified in poi-3.9.jar, poi-scratchpad-3.9.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

7.5CVSS7AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/09/04 11:15 a.m.•68 views

Security Bulletin: Multiple CVEs may affect Operating System packages shipped with IBM CICS TX Advanced 10.1

Summary CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665, CVE-2023-1667, CVE-2023-2283, CVE-2020-11080, CVE-2023-31484, CVE-2023-24329 may affect Ubuntu Operating System packages shipped with IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the...

8.1CVSS9.1AI score0.20459EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/08/25 2:21 a.m.•68 views

Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service due to a memory usage flaw (CVE-2023-2828)

Summary Domain Name System DNS uses ISC BIND. ISC BIND on IBM i is vulnerable to a denial of service attack due to memory usage exceeding the configured cache size limit as seen in the vulnerability details section. IBM i has addressed the vulnerability in ISC BIND with a fix as described in the...

7.5CVSS7.6AI score0.03776EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
•added 2023/08/23 10:52 a.m.•68 views

Security Bulletin: CVE-2022-40609 may affect IBM Java shipped with IBM CICS TX Advanced

Summary CVE-2022-40609 may affect IBM Java shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary cod...

9.8CVSS9AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/08/22 2:18 p.m.•68 views

Security Bulletin: Vulnerabilities in Linux kernel, libssh, and Java can affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Linux kernel, libssh, and Java. Vulnerabilities include denial of service, elevated privileges, crashes, execute arbitrary code on the system, obtaining sensitive kernel information, network attacks, bypassing authentication,...

8.8CVSS9.8AI score0.12966EPSS
Exploits20Affected Software1
Total number of security vulnerabilities5000