Lucene search
K
IbmMost viewed

35661 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/04/01 1:15 p.m.63 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterprise

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Integration Bus & IBM App Connect Enterprise. These issues were disclosed as part of the IBM Java SDK updates in October 2021. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified...

9.8CVSS1AI score0.14839EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/01 12:23 p.m.63 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2021-44790, CVE-2021-44224)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

1.1AI score0.97108EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/16 5:38 a.m.63 views

Security Bulletin: Vulnerability in Polkit affects IBM Integrated Analytics System.

Summary Polkit is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2021-4034. Vulnerability Details CVEID: CVE-2021-4034 DESCRIPTION: Polkit could allow a local authenticated attacker to gain elevated privileges on the system, caused by...

7.8CVSS1.6AI score0.94921EPSS
Exploits151Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/27 2:1 a.m.63 views

Security Bulletin: IBM Watson Studio Premium Add On in Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary There are multiple Apache Log4j CVE-2021-45105, CVE-2021-45046 vulnerabilities impacting IBM Watson Studio Premium Add On in Cloud Pak for Data which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is...

10CVSS1AI score0.99999EPSS
Exploits355Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/20 12:15 a.m.63 views

Security Bulletin: IBM Spectrum Fusion HCI is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary Multiple vulnerabilities in Apache Log4j CVE-2021-45105, CVE-2021-45046 could allow an attacker to execute arbitrary code and denial of service. These vulnerabilities may affect IBM Spectrum Scale Container Native Storage Access and IBM Spectrum Protect Plus, which are part of the IBM...

10CVSS7.4AI score0.99999EPSS
Exploits355Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 6:13 p.m.63 views

Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System

Summary There are security vulnerabilities in versions of Linux Kernel that are shipped with versions of IBM Elastic Storage System. A fix for these vulnerabilities is available. Vulnerability Details CVEID: CVE-2020-35508 DESCRIPTION: Linux Kernel could allow a local attacker to bypass security...

7.8CVSS7.5AI score0.09729EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/14 8:38 p.m.63 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with WebSphere Remote Server (CVE-2021-39275)

Summary IBM HTTP Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.8CVSS9AI score0.36339EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:37 p.m.63 views

Security Bulletin: IBM Security Guardium is affected by kernel vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-10639 DESCRIPTION: Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the use of a weak function to generate IP packet IDs. By sniffing the network, ...

9.8CVSS1AI score0.12651EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/04 3:52 p.m.63 views

Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2021-22945)

Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerability: libcurl is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2021-22945 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused ...

9.1CVSS1.1AI score0.06216EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 4:2 a.m.63 views

Security Bulletin: Publicly disclosed vulnerabilities from Bind affect IBM Netezza Host Management

Summary Bind is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25215 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By...

8.1CVSS9AI score0.64161EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:45 a.m.63 views

Security Bulletin: Vulnerabilities in httpd affect Power Hardware Management Console

Summary httpd is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0736 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by an error in modsessioncrypto. By sending specially...

7.5CVSS0.5AI score0.49024EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.63 views

Security Bulletin: Vulnerabilities in httpd affect Power Hardware Management Console (CVE-2013-5704, CVE-2015-3183)

Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2013-5704 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by the improper handling of a specially-crafted...

5CVSS6.2AI score0.73327EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.63 views

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect IBM GPFS V3.5 . This includes the Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. This also includes the alternate chains certificate forgery vulnerability...

7.5CVSS7.6AI score0.9986EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/27 8:3 a.m.63 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.

Summary Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment XSLD. Vulnerability Details CVEID: CVE-2020-4333 DESCRIPTION: IBM WebSphere Exteme Scale Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...

10CVSS9.7AI score0.96032EPSS
Exploits26Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/20 8:7 a.m.63 views

Security Bulletin: Vulnerabilities in XStream, Java, OpenSSL, WebSphere Application Server Liberty and Node.js affect IBM Spectrum Control

Summary Multiple vulnerabiilities in XStream, Java, OpenSSL, WebSphere Application Server Liberty and Node.js may affect IBM Spectrum Control. The Java vulnerabilities were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021. Vulnerability Details CVEID: CVE-2020-5258...

9.9CVSS0.8AI score0.82136EPSS
Exploits19Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.63 views

Security Bulletin: Security vulnerability in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerability that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

6.1CVSS0.4AI score0.45571EPSS
Exploits3Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/16 2:32 p.m.63 views

Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by Vulnerabilities in Node.js

Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2021-23337, CVE-2021-23327, CVE-2021-23334, CVE-2021-27191, CVE-2021-23335. Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands...

7.5CVSS1.1AI score0.2241EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/13 9:10 p.m.63 views

Security Bulletin: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating

Summary XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. Vulnerability Details Refer t...

9.9CVSS4.6AI score0.82136EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/12 8:4 p.m.63 views

Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sending a...

7.8CVSS0.9AI score0.12996EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/06 8:36 p.m.63 views

Security Bulletin: IBM Security Guardium is affected by a TCP SACK PANIC -Kernel vulnerability

Summary IBM Security Guardium has addressed the following vulnerability Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selective...

7.8CVSS1AI score0.98745EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/11 6:56 a.m.63 views

Security Bulletin: IBM Kenexa LMS On Premise -IBM SDK, Java Technology Edition Quarterly CPU -Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component...

8.3CVSS1.3AI score0.04315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/21 9:43 p.m.63 views

Security Bulletin: Vulnerabilities in BIND affect AIX (CVE-2020-8616 and CVE-2020-8617)

Summary There are vulnerabilities in BIND that affect AIX. Vulnerability Details CVEID: CVE-2020-8617 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a logic error in code which checks TSIG validity. A remote attacker could exploit this vulnerability to trigger an assertion...

8.6CVSS0.93422EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/04 5:29 p.m.63 views

Security Bulletin: Apache Log4j valunarability found in Network Performance Insight (CVE-2019-17571)

Summary Apache Log4j vulnerability found in Network Performance Insight CVE-2019-17571. Vulnerability Details CVEID: CVE-2019-17571 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer...

9.8CVSS1.2AI score0.6906EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:49 p.m.63 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for Unix

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL...

10CVSS1AI score0.95707EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.63 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for UNIX (CVE-2016-8610)

Summary OpenSSL is used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets...

7.5CVSS0.7AI score0.39657EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/19 12:49 a.m.63 views

Security Bulletin: File vulnerabilities affect IBM SmartClound Entry

Summary IBM SmartCloud Entry is vulnerable to file vulnerabilities, An attacker could exploit these vulnerabilities to use a specially-crafted file to consume all available CPU resources, cause a denial of service, execute arbitrary code, or cause applications/executables to crash. CVE-2014-3538...

7.5CVSS1.2AI score0.20237EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/23 8:41 p.m.63 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and WebSphere Message Broker

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1.4.10 and IBM® Runtime Environment Java™ Versions 7.0.10.10 and 7.1.4.10 used by IBM Integration Bus and WebSphere Message Broker. These issues were disclosed as part of the IBM Java SDK updates in Jul 201...

8.3CVSS1AI score0.03524EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/08 5:48 p.m.63 views

Security Bulletin: Vulnerability in the Fabric OS used by IBM b-type SAN directors and switches.

Summary Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID: CVE-2017-3737 DESCRIPTION: OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurr...

5.9CVSS0.2AI score0.78675EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.63 views

Security Bulletin: Vulnerability in SSLv3 affects IBM i (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM i. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused b...

4.3CVSS0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/20 4:40 p.m.63 views

Security Bulletin: IBM MQ Appliance is affected by a kernel vulnerability (CVE-2018-5391)

Summary IBM MQ Appliance has addressed the following kernel vulnerability. Vulnerability Details CVEID: CVE-2018-5391 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the IP implementation. By...

7.8CVSS0.7AI score0.24575EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:25 a.m.63 views

Security Bulletin: IBM Dynamic System Analysis (DSA) – Preboot (also known as pDSA) is affected by the following OpenSSL vulnerability: CVE-2014-0224

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project Content Vulnerability...

7.4CVSS0.4AI score0.95326EPSS
Exploits9
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.63 views

Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK for Node.js™

Summary This bulletin describes security vulnerabilities discovered in OpenSSL that were reported on December 3, 2015 by the OpenSSL Project, plus two additional vulnerabilities. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...

9.8CVSS0.9AI score0.44016EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:36 a.m.63 views

Security Bulletin: Vulnerabilities in HTTPD affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in Apache HTTPD. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0736 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by an error in modsessioncrypto. By sending...

7.5CVSS1.6AI score0.49024EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:33 a.m.63 views

Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Summary PowerKVM is affected by numerous vulnerabilities in the linux kernel. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2013-7421 DESCRIPTION: Linux Kernel could allow a local attacker to bypass security restrictions, caused by an error in the in the Crypto API. An...

7.8CVSS1AI score0.22374EPSS
Exploits30Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:33 a.m.63 views

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.5 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of...

10CVSS1.9AI score0.17484EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:28 a.m.64 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SONAS

Summary OpenSSL is used by IBM SONAS. IBM SONAS has addressed the applicable CVEs. Vulnerability Details OpenSSL is used in IBM SONAS for providing communication security by encrypting data being transmitted. CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused b...

10CVSS1.4AI score0.32414EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.63 views

Security Bulletin: Vulnerabilities in Bash affect IBM SONAS (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. These vulnerabilities have been referred to as “Bash Bug” or “Shellshock”. Bash is used by IBM SONAS. Vulnerability Details The following vulnerabilities are only exploitable by users who already have authenticated access to the...

10CVSS1.3AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.63 views

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release

Summary Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this...

9.8CVSS1.4AI score0.90338EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.63 views

Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator

Summary IBM Business Process Manager is shipped as a component of IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, IBM SmartCloud Orchestrator, and IBM SmartCloud Orchestrator Enterprise. Vulnerability Details Review the following security bulletins for IBM Business Process Manager for...

10CVSS0.5AI score0.99999EPSS
Exploits33Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.63 views

Security Bulletin: Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 CVE-2015-1788. Vulnerability Details CVEID: CVE-2014-8176 DESCRIPTION: OpenSSL could allow a remote...

7.5CVSS1.3AI score0.74483EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.63 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION...

8.1CVSS0.9AI score0.99988EPSS
Exploits39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:17 a.m.63 views

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Reporting for Development Intelligence

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by Rational Reporting for Development Intelligence RRDI. RRDI has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a...

10CVSS0.9AI score0.95707EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:6 p.m.63 views

Security Bulletin: IBM Security Directory Suite has released a fixpack in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following fixpack for IBM Security Directory Suite in response to CVE-2017-5753 and CVE-2017-5754 Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 Affected Products and Versions IBM Security Directory Suite ISDS 8.0.0, 8.0.1 Remediation/Fixes Product |...

5.6CVSS2.4AI score0.93838EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:6 p.m.63 views

Security Bulletin: IBM Security Identity Manager has released a fixpack in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following fixpack for IBM Security Identity Manager in response to CVE-2017-5753 and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 Affected Products and Versions IBM Security Identity Manager ISIM 7.0.0, 7.0.1 Remediation/Fixes Product...

5.6CVSS1.7AI score0.93838EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:4 p.m.63 views

Security Bulletin: IBM Security Guardium is affected by Open Source packages vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-2628 DESCRIPTION: cURL could allow a remote attacker to bypass security restrictions, caused by improper use of Negotiate authenticated HTTP connections for subsequent requests. An...

10CVSS1.3AI score0.81921EPSS
Exploits24Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:1 p.m.63 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin...

9.8CVSS0.8AI score0.57472EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.63 views

Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSL

Summary Vulnerabilities have been identified in OpenSSL. IBM Security Access Manager for Web uses OpenSSL and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0799 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory err...

10CVSS1.5AI score0.89058EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:30 p.m.63 views

Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405)

Summary Security vulnerabilities have been discovered in NTP used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-1798 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to bypass security restrictions, caused by the acceptance...

7.5CVSS0.5AI score0.05292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:18 p.m.63 views

Security Bulletin: IBM QRadar SIEM 7.1 MR2, and 7.2 MR2 are affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

7.4CVSS0.4AI score0.95326EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:0 p.m.63 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM B2B Advanced Communications.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 SR7 that is used by IBM Multi-Enterprise Integration Gateway. These issues were disclosed as part of the IBM Java SDK updates for October 2015 and January 2016. Vulnerability Details CVEID...

5.9CVSS0.9AI score0.05453EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000