Lucene search
K
IbmMost viewed

35596 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.64 views

Security Bulletin: GNU C Library (glibc) Vulnerability Affects Power Hardware Management Console (CVE-2015-0235, CVE-2014-6040, CVE-2014-7817)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects Power Hardware Management Console. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted...

10CVSS8.8AI score0.94859EPSS
Exploits30Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/31 4:20 p.m.64 views

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Summary The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 67. Vulnerability Details CVEID: CVE-2021-29853 DESCRIPTION: IBM Planning Analytics cou...

7.5CVSS1.2AI score0.13292EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/03 4:41 p.m.64 views

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Informix Genero (CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792 & CVE-2015-4000)

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by Informix Genero. Informix Genero has addressed the applicable CVEs...

7.5CVSS5.6AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/30 10:43 a.m.64 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the...

5.9CVSS5.8AI score0.06968EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/08 6:44 p.m.64 views

Security Bulletin: OpenSSL vulnerabilities CVE-2019-1563 CVE-2019-1547 impact IBM Aspera Streaming/IBM Aspera Streaming for Video version 3.9.6.1 and earlier

Summary OpenSSL vulnerabilities CVE-2019-1563 CVE-2019-1547 impact IBM Aspera Streaming/IBM Aspera Streaming for Video version 3.9.6.1 and earlier. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoint...

4.7CVSS1.4AI score0.03838EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/08 6:37 a.m.64 views

Security Bulletin: OSS security Scan issues for Concerto installer.

Summary Fixed in IBM Netezza for Cloud Pak for Data 11.1.1.0 Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

9.8CVSS1.2AI score0.05213EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/15 4:29 p.m.64 views

Security Bulletin: Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty bundled with IBM WebSphere Application Server Patterns (CVE-2020-10693)

Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...

5.3CVSS2AI score0.02294EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/07 4:1 p.m.64 views

Security Bulletin: IBM Security Guardium is affected by an Oracle MySQL vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-2808 DESCRIPTION: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily...

7.5CVSS0.9AI score0.0377EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/28 3:38 p.m.64 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries...

8.3CVSS1AI score0.04315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 5:3 p.m.64 views

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Software Architect and Rational Software Architect for Websphere Software

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM SDK for Node.js for the Cordova tools in Rational Software Architect and...

7.5CVSS1.1AI score0.9986EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/25 2:35 p.m.65 views

Security Bulletin: A vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2019-1551)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-1551 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive informatio...

5.3CVSS1.2AI score0.14298EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/11 6:29 p.m.64 views

Security Bulletin: Jetty vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2011-4461, CVS-2009-4612, CVE-2009-4611, CVE-2009-4610, CVS-2009-4609, CVE-2009-1524, CVE-2009-1523)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway use Jetty version 6.1.8. and thus are affected by the following security vulnerabilities discovered in the Jetty version 6.1.8 Vulnerability Details CVEID: CVE-2011-4461 DESCRIPTION: Mort Bay Jetty 6.1.8 computes hash values for fo...

7.5CVSS1.1AI score0.25802EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/07 2:27 a.m.64 views

Security Bulletin: Aspera Web Faspex application is affected by OpenSSL Vulnerability (CVE-2019-1552)

Summary IBM Aspera Faspex has addressed the following OpenSSL vulnerability Vulnerability Details CVEID: CVE-2019-1552 DESCRIPTION: OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is mos...

3.3CVSS1.3AI score0.00678EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.64 views

Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2017-9798, CVE-2017-12618)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearQuest. Information about security vulnerabilities affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products an...

7.5CVSS1.3AI score0.94999EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/21 8:53 a.m.64 views

Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux

Summary IBM Integration Bus Hypervisor Edition V9.0 ship with Red Hat Enterprise Linux RHEL Server 6.2 which is vulnerable to: CVE-2019-13133, CVE-2019-13137, CVE-2019-13136, CVE-2019-13135, CVE-2019-13134 Vulnerability Details CVEID: CVE-2019-13133 DESCRIPTION: ImageMagick before 7.0.8-50 has a...

8.8CVSS0.6AI score0.03291EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/13 12:45 p.m.64 views

Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2019-0232, CVE-2019-0221)

Summary Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager Vulnerability Details CVEID: CVE-2019-0232 DESCRIPTION: Apache Tomcat could allow a remote attacker to execute arbitrary code on the...

9.3CVSS0.6AI score0.99652EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.64 views

Security Bulletin: IBM ToolsCenter Dynamic System Analysis (DSA) Preboot is affected by multiple vulnerabilities.

Summary IBM ToolsCenter Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-3863 DESCRIPTION: A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are...

9.3CVSS0.9AI score0.09219EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/09 2:48 p.m.64 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affect IBM Security Access Manager for Enterprise Single Sign-On

Summary These issues were also addressed by IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By...

7.8CVSS0.5AI score0.81466EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/02 10:3 p.m.65 views

Security Bulletin: IBM MQ Appliance affected by an OpenSSH vulnerability (CVE-2019-6110)

Summary IBM MQ Appliance has addressed the following OpenSSH vulnerability. Vulnerability Details CVEID: CVE-2019-6110 DESCRIPTION: OpenSSH could allow a remote attacker to conduct spoofing attacks, caused by accepting and displaying arbitrary stderr output from the scp server. A man-in-the-middl...

6.8CVSS1.9AI score0.20906EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/27 8:35 a.m.64 views

Security Bulletin: IBM QRadar Network Security is affected by a an openssl vulnerability (CVE-2018-5407)

Summary IBM QRadar Network Security has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on...

4.7CVSS0.4AI score0.03418EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/13 7:15 p.m.64 views

Security Bulletin: IBM Cognos Controller 2019Q2 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Summary This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Controller. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Java™ Technology Edition, Version 8 that are used by IBM...

10CVSS0.9AI score0.73327EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/08 3:31 p.m.64 views

IBM Security Key Lifecycle Manager: All Security Bulletins

Summary This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...

9.8CVSS0.5AI score0.9986EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/17 4:55 p.m.64 views

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to a Publicly disclosed vulnerability from GNU glibc (CVE-2018-11237)

Summary GLIBC as used by IBM QRadar Network Packet Capture is vulnerable to a buffer overflow Vulnerability Details CVEID: CVE-2018-11237 Description: GNU glibc is vulnerable to a buffer overflow, caused by improper bounds of checking by the mempcpy function. By sending a specially-crafted reques...

7.8CVSS1.2AI score0.00858EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.64 views

Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-6210)

Summary IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the following vulnerability in OpenSSH. Vulnerability Details Summary IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the following vulnerability in OpenSSH. Vulnerability Details: CVEID: CVE-2016-6210 Description...

5.9CVSS0.1AI score0.88944EPSS
Exploits12
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.64 views

Security Bulletin: MegaRAID Storage Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Content Vulnerability...

7.4CVSS0.7AI score0.99977EPSS
Exploits13
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/17 2:20 p.m.64 views

Security Bulletin: Vulnerabilities in GNU binutils affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in GNU binutils. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-13033 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by an error in the bfdelfparseattributes in elf-attrs.c and bfdmalloc in...

7.8CVSS1.6AI score0.03467EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/23 5:25 p.m.64 views

Security Bulletin: Rational DOORS Web Access is affected by Apache Tomcat vulnerabilities

Summary Rational DOORS Web Access has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-8034 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a missing host name verification when using TLS with the WebSocket client. ...

7.5CVSS1.2AI score0.94494EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/25 2:25 p.m.64 views

Security Bulletin: IBM QRadar Network Security is affected by GNU C library (glibc) vulnerabilities

Summary IBM QRadar Network Security has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-1000001 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a buffer underflow in the realpath function in stdlib/canonicalize.c. A...

9.8CVSS1.1AI score0.13614EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/12 12:16 a.m.64 views

Security Bulletin: Multiple vulnerabilities in Jackson-databind affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in Jackson-databind were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-5968 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By...

9.8CVSS2AI score0.49727EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/06 11:49 p.m.64 views

Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Linux kernel . IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-1000004 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a race condition in the sound system. A remote attacker could...

10CVSS1.5AI score0.52189EPSS
Exploits48Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:32 a.m.64 views

Security Bulletin: October 2015 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products

Summary Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below 8u65, 7u91 and 6u105 and OpenJDK versions below 1.7.0.91 and 1.8.0.65 are susceptible to multiple vulnerabilities, potentially leading to an...

10CVSS1.2AI score0.13354EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.64 views

Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen2 (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but...

10CVSS1.8AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.64 views

Security Bulletin: IBM Real-time Compression Appliance is exposed to the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298.

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. IBM Real-time Compression Appliance is exposed to CVE-2014-0224, CVE-2014-0198, CVE-2010-5298. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable...

7.4CVSS3.5AI score0.95326EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.64 views

Security Bulletin: IBM XIV Gen2 OpenSSL vulnerability CVE-2014-0224

Summary IBM XIV Gen2 is vulnerable to CVE-2014-0224, which exposes users to a man-in-the-middle attack when using CIM-based management. This vulnerability was reported on June 5, 2014 by the OpenSSL project Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a...

7.4CVSS0.8AI score0.95326EPSS
Exploits9
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.64 views

Security Bulletin: Vulnerabilities in OpenSSL affect MobileFirst Quality Assurance

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by MobileFirst Quality Assurance. MobileFirst Quality Assurance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a...

9.8CVSS1.3AI score0.63029EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:14 a.m.64 views

Security Bulletin: A vulnerability in Apache Tomcat affects Rational Insight (CVE-2015-5174)

Summary The Rational Insight is shipped with a version of the Apache Tomcat web server which contains a security vulnerability that could have a potential security impact. Vulnerability Details CVEID: CVE-2015-5174 DESCRIPTION: Apache Tomcat could allow a remote attacker to traverse directories o...

8.8CVSS0.5AI score0.1838EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.64 views

Security Bulletin: Mozilla NSS as used in IBM QRadar SIEM is vulnerable to arbitrary code execution (CVE-2016-2834)

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-2834 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to...

9.3CVSS3.6AI score0.0338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.64 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in nss, nss-util, and nspr (CVE-2016-1978, CVE-2016-1979)

Summary Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services NSS libraries. Netscape Portable Runtime NSPR...

8.8CVSS1.8AI score0.02386EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:49 p.m.64 views

Security Bulletin: IBM OpenPages GRC Platform has addressed multiple Apache Tomcat vulnerabilities.

Summary IBM OpenPages GRC Platform has addressed potential security exposure due to multiple vulnerabilities in Apache Tomcat. Vulnerability Details CVE-ID: CVE-2018-1323 Description: Apache Tomcat JK ISAPI Connector could allow a remote attacker to obtain sensitive information, caused by the...

8.1CVSS0.7AI score0.99988EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:42 p.m.64 views

Security Bulletin: A security vulnerability has been identified in IBM Cognos Business Intelligence shipped with IBM Cognos Planning (CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176, CVE-2016-2108)

Summary IBM Cognos Business Intelligence is shipped as a component of IBM Cognos Planning. Information about a security vulnerability affecting IBM Cognos Business Intelligence has been published in a security bulletin. Vulnerability Details Please consult the security bulletin: Security Bulletin...

3AI score0.89058EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.64 views

Security Bulletin: Vulnerability in GNU C Library(glibc) affects WebSphere DataPower XC10 Appliance(CVE-2015-7547) - Revised fix available

Summary A GNU C Libraryglibc vulnerability with a stack based overflow was addressed by WebSphere DataPower XC10 Appliance. On Friday March 11th 2016, a fix was published to resolve this security vulnerability. However, that fix needed revision. A corrected fix is now available. Vulnerability...

8.1CVSS2.2AI score0.89557EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.63 views

Security Bulletin: OpenSSL 1.0.2 and 1.0.1 vulnerabilities (CVE-2016-0701 and CVE-2015-3197)

Question Security Bulletin: OpenSSL 1.0.2 and 1.0.1 vulnerabilities CVE-2016-0701 and CVE-2015-3197 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

5.9CVSS6.7AI score0.83645EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.63 views

Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application

Question Security Bulletin: Multiple vulnerabilities with the open source Perl Compatible Regular Expression PCRE libraries used in IBM Aspera Shares Application "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM...

5.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/25 9:44 a.m.63 views

Security Bulletin: Multiple Vulnerabilities in IBM webMethods Integration

Summary Multiple vulnerabilities were addressed in the latest fix release for IBM webMethods Integration 11.1 Vulnerability Details CVEID:CVE-2024-34397 DESCRIPTION: GNOME GLib could allow a remote attacker to conduct spoofing attacks, caused by a flaw when a GDBus-based client subscribes to...

9.1CVSS9.2AI score0.54026EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/27 4:18 p.m.63 views

Security Bulletin: Multiple vulnerabilities affect IBM Data Virtualization on Cloud Pak for Data (March 2025)

Summary Multiple vulnerabilities have been addressed in IBM Data Virtualization on Cloud Pak for Data. Note that IBM Data Virtualization was named Watson Query in IBM Cloud Pak for Data version 4.6, 4.7, and 4.8. Vulnerability Details CVEID:CVE-2023-39410 DESCRIPTION: When deserializing untrusted...

10CVSS9.9AI score0.9378EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:54 a.m.63 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Google Guava and Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information. Pivota Spring...

9.8CVSS9.2AI score0.32257EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:34 a.m.63 views

Security Bulletin: Multiple Vulnerabilities in Multicloud Management Security Services

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Multicloud Management Security Services Vulnerability Details CVEID:CVE-2022-1705 DESCRIPTION: Golang Go is vulnerable to HTTP request smuggling, caused by a flaw with accepting of some invalid Transfer-Encoding headers in the HTTP/...

8CVSS9.9AI score0.24928EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:50 a.m.63 views

Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities Vulnerability Details CVEID:CVE-2022-22457 DESCRIPTION: IBM Security Verify Governance stores sensitive information including user credentials in plain clear text which...

6.5CVSS5.4AI score0.00765EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.63 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-40898, CVE-2024-40725]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2024-40898, CVE-2024-40725 Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS6.5AI score0.04134EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.63 views

Security Bulletin: Vulnerability in Apache HTTP Server (CVE-2024-38475) affects Power HMC.

Summary The Apache HTTP Server library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-38475 DESCRIPTION: Improper escaping of output in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs ...

9.1CVSS6.8AI score0.99957EPSS
Exploits1Affected Software1
Total number of security vulnerabilities5000