Lucene search
K
IbmMost viewed

35596 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/07/02 1:49 p.m.61 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-26690, CVE-2021-26691)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager version 4.2.0.x Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins list...

1AI score0.68067EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/25 5:34 p.m.61 views

Security Bulletin: IBM License Key Server Administration and Reporting Tool is impacted by multiple vulnerabilities in jQuery, Bootstrap and AngularJS

Summary Multiple vulnerabilities have been found in jQuery, Bootstrap and AngularJS libraries that are used by IBM License Key Server LKS Administration and Reporting Tool ART. Mitigations have been identified and a fix has been published. Vulnerability Details CVEID: CVE-2019-14863 DESCRIPTION:...

7.1CVSS0.4AI score0.99019EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/19 10:6 a.m.61 views

Security Bulletin: IBM Elastic Storage System systems are affected by vulnerabilities in OpenSSL

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a a missing check in the validation logic of X.509 certificate chains by the X509VFLAGX509STRI...

7.4CVSS1.5AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/12 4:9 p.m.61 views

Security Bulletin: Multiple OpenSSL Vulnerabilities Affect IBM Connect:Direct for HP NonStop

Summary IBM Connect:Direct for HP NonStop is affected by OpenSSL vulnerabilities CVE-2021-23839, CVE-2021-23840, and CVE-2021-23841. OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/12 1:59 p.m.61 views

Security Bulletin: A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection fla...

7.2CVSS2.5AI score0.2241EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/29 10:27 a.m.61 views

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2020-14781)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

4.3CVSS2.2AI score0.02296EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/20 6:41 a.m.61 views

Security Bulletin: Multiple vulnerability issues affect IBM Spectrum Conductor 2.5.0

Summary This interim fix provides instructions on upgrading third parity libraries in IBM Spectrum Conductor 2.5.0 in order to address security vulnerabilities CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2019-17359, CVE-2019-8331, CVE-2018-1000632, CVE-2018-10237,...

9.8CVSS1.1AI score0.99019EPSS
Exploits25Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/18 9:6 p.m.61 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to improper access control (CVE-2020-4485, CVE-2020-4486)

Summary IBM QRadar Wincollect agents could allow authenticated users to bypass restrictions to delete arbitrary files or disable the Wincollect service. Vulnerability Details CVEID: CVE-2020-4485 DESCRIPTION: IBM QRadar could allow an authenticated user to disable the Wincollect service which cou...

8.1CVSS1.2AI score0.01506EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/11 4:57 p.m.61 views

Security Bulletin: Vulnerabilities in OpenSSL affect DataQuant for Workstation (CVE-2015-0204)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM DataQuant for Workstation. IBM DataQuant for Workstation has addressed the applicabl...

4.3CVSS0.7AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/16 7:51 a.m.61 views

Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management

Summary Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management Vulnerability Details CVEID: CVE-2020-2968 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated attacker to take...

8CVSS6.7AI score0.02031EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/27 7:17 a.m.61 views

Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2020-1927, CVE-2020-1934)

Summary There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge. Vulnerability Details CVEID: CVE-2020-1927 DESCRIPTION: Apache HTTP Server could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the modrewrite...

6.1CVSS1.3AI score0.56691EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/03 8:30 a.m.61 views

Security Bulletin: Three vulnerabilities in Nimbus JOSE+JWT affect IBM Spectrum Conductor

Summary There are three vulnerabilities in Nimbus JOSE+JWT 3.1.2 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0 and IBM Spectrum Conductor 2.3.0. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0 and IBM Spectrum Conductor 2.3 have addressed the applicable CVEs...

7.5CVSS1AI score0.01256EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/07 4:23 p.m.61 views

Security Bulletin: IBM Security Information Queue uses components with known vulnerabilities (CVE-2019-8331, CVE-2019-11358)

Summary The IBM Security Information Queue ISIQ web server utilizes a Node.js runtime environment. The environment includes several open source packages with known vulnerabilities. As of ISIQ v1.0.6, the open source packages have been upgraded to the recommended secure versions. Vulnerability...

6.1CVSS0.6AI score0.87218EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/17 5:16 p.m.61 views

Security Bulletin: Security vulnerabilities affect IBM Cloud Object Storage SDK Java (November 2019 Bulletin)

Summary Security vulnerabilities affect IBM Cloud Object Storage SDK Java. These vulnerabilities have been addressed in the latest SDK 2.5.5 release. Vulnerability Details CVEID: CVE-2019-16335 DESCRIPTION: A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It ...

9.8CVSS0.5AI score0.10676EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/08 6:55 p.m.61 views

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-9516, CVE-2019-9515, CVE-2019-9517, CVE-2019-9518, CVE-2019-9511, CVE-2019-9513 in nginx Vulnerability Details CVEID: CVE-2019-9516 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The...

7.8CVSS0.2AI score0.87806EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.61 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Netezza Host Management

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability...

10CVSS1.4AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/10 7:56 p.m.61 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9 and IBM BigFix Inventory v9

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool and IBM BigFix Inventory. These issues were disclosed as part of the IBM Java SDK updates in Jan 2018 Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An unspecified...

8.3CVSS1.1AI score0.06905EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/15 6:53 p.m.61 views

Security Bulletin: Aspera Shares application is affected by multiple NGINX Vulnerabilities (CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-13617, CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)

Summary IBM Aspera Shares has addressed the following NGINX vulnerabilities. Vulnerability Details CVEID: CVE-2019-7401 DESCRIPTION: NGINX Unit is vulnerable to a denial of service, caused by a heap-based buffer overflow in the router process. By sending a specially-crafted request, a remote...

9.8CVSS1.3AI score0.47057EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/24 8:50 p.m.61 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Business Intelligence

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Business Intelligence 10.2.2 and 10.2.1.1. IBM Cognos Business Intelligence has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK updates in July 2018...

10CVSS1AI score0.26335EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/02 4:35 p.m.61 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2018-17199)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products an...

7.5CVSS0.9AI score0.19994EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/30 8:35 a.m.61 views

Security Bulletin: Flex System Chassis Management Module (CMM) is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL. Content Vulnerability Details: CVE ID: CVE-2014-0160 Description: OpenSSL could allow a remote attacker to obtain sensitive information, cause...

7.5CVSS0.3AI score0.99999EPSS
Exploits88
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/30 8:20 a.m.61 views

Security Bulletin: Flex System Manager (FSM) Denial of Service (CVE-2011-3188)

Summary Denial of service due to weaknesses in the linux kernel. Vulnerability Details Abstract Denial of service due to weaknesses in the linux kernel. Content Vulnerability Details: CVE ID: CVE-2011-3188 Description: The FSM embedded linux kernel is susceptible to denial of service attacks...

9.1CVSS0.5AI score0.05689EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/16 8:5 p.m.61 views

Security Bulletin: IBM FileNet Content Manager affected by Apache HttpClient security vulnerability

Summary Security vulnerability may affect Apache HttpClient used by IBM FileNet Content Manager. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname...

5.8CVSS0.5AI score0.09254EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/09 10:10 p.m.61 views

Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance

Summary IBM Security Access Manager Appliance has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-15906 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by an error in the processopen function when in read-only mode. A remote authenticated attacker...

10CVSS0.9AI score0.83645EPSS
Exploits9Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/04 11:10 p.m.61 views

Security Bulletin: IBM Content Navigator is affected by a vulnerability in Apache Apache Commons BeanUtils (CVE-2014-0114)

Summary IBM Content Navigator has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2014-0114 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attack...

7.5CVSS1.6AI score0.95821EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/17 3:0 p.m.61 views

Security Bulletin: Vulnerabilities in OpenSSL affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in OpenSSL. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server duri...

7.5CVSS1.1AI score0.49268EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/11/13 3:55 p.m.61 views

Security Bulletin: IBM Planning Analytics Local is affected by multiple Node.js vulnerabilities

Summary The Planning Analytics Workspace component of IBM Planning Analytics is vulnerable to multiple Node.js vulnerabilities including OpenSSL vulnerabilities in Node.js. The version of Node.js use by IBM Planning Analytics Workspace has been upgraded to address these vulnerabilities...

8.8CVSS0.6AI score0.49268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.61 views

Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™

Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...

7.5CVSS1.2AI score0.7408EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:36 a.m.61 views

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-9604 DESCRIPTION: Linux Kernel could allow a local attacker to bypass security restrictions, caused by an error in the built-in keyrings for...

10CVSS1AI score0.14281EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:7 a.m.61 views

Security Bulletin: Storage HMC OpenSSL upgrade to address cryptographic vulnerabilities.

Summary Storage HMC included in releases prior to R7.2 use OpenSSL versions that had errors in cryptographic libraries that could allow remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption. Vulnerability Details CVE ID: CVE-2012-2131 CVE-2012-2110...

7.6CVSS0.4AI score0.48298EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.61 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Provisioning.

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470, CVE-2014-0076. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is...

7.4CVSS1.2AI score0.99977EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:17 p.m.61 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Enterprise Content Management System Monitor (CVE-2016-6304, CVE-2016-2177)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Enterprise Content Management System Monitor. IBM Enterprise Content Management System Monitor has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6304...

9.8CVSS1.1AI score0.63029EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.61 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION...

8.1CVSS0.9AI score0.99988EPSS
Exploits39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.61 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2017-10115, CVE-2017-10116, CVE-2017-10053)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-10115 DESCRIPTION: An unspecifi...

8.3CVSS0.9AI score0.03524EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:18 a.m.61 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-6816,CVE-2016-8735)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat...

9.8CVSS0.6AI score0.90338EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 4:57 a.m.61 views

Security Bulletin: Rational Directory Server and Rational Directory Administrator can be affected by vulnerabilities (CVE-2014-4263, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099 and CVE-2014-0119)

Summary This security bulletin is a notice of security vulnerabilities in IBM Runtime Environment, Java Technology Edition and Apache Tomcat server which impacts IBM Rational Directory Server 5.2.x, 5.1.1.x and Rational Directory Administrator 6.x. Vulnerability Details | Subscribe to My...

5CVSS0.4AI score0.2006EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.61 views

Security Bulletin: Apache Solr as used in IBM QRadar SIEM and Incident Forensics is vulnerable to a denial of service (CVE-2014-0050)

Summary Apache Solr is vulnerable to a denial of service attack. Vulnerability Details CVEID: CVE-2014-0050 DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header...

7.5CVSS1AI score0.83175EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:12 p.m.62 views

Security Bulletin: Vulnerability in Apache POI affects IBM Emptoris Services Procurement (CVE-2017-5644)

Summary Open Source Apache Poi vulnerability affects IBM Emptoris Services Procurement Vulnerability Details CVE-ID: CVE-2017-5644 Description: Apache POI is vulnerable to a denial of service, cause by an XML External Entity Injection XXE error when processing XML data. By using a specially-craft...

7.1CVSS5.9AI score0.04595EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:58 p.m.61 views

Security Bulletin: Vulnerabilities in Bash affect IBM Smart Analytics System 5600 (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by the IBM Smart Analytics System 5600. Vulnerability Details CVE-ID:...

10CVSS1.7AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:39 p.m.61 views

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2016-0603)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6 & 7 that are used by IBM ILOG CPLEX Optimization Studio. JRE installation executables on the Windows platform are affected by this vulnerability. Vulnerability Details CVE-ID: CVE-2016-0603 Descriptio...

7.6CVSS8.4AI score0.04066EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:36 p.m.61 views

Security Bulletin: Vulnerability in GSKit affect IBM SPSS Modeler (CVE-2015-1788)

Summary GSKit is an internal component used by IBM SPSS Modeler. The GSKit contains a security vulnerability which may cause infinite loop. The issue is identified by the specified CVE below. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...

4.3CVSS2.1AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:6 p.m.61 views

Security Bulletin: Link Injection vulnerability in GDS component of IBM® InfoSphere® Master Data Management - Collaborative Edition (CVE-2014-0970)

Summary Link Injection vulnerabilities can allow an attacker to embed links URLs to an external site or to different pages forms within IBM® InfoSphere® Master Data Management - Collaborative Edition. The links can appear to be valid application links. Clicking a link might cause the user to...

3.5CVSS5.3AI score0.00772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.61 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Extreme Scale

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 and 8 used by WebSphere eXtreme Scale. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivere...

8.3CVSS1.2AI score0.06905EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.61 views

Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)

Summary IBM HTTP Server is shipped as a component of IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Please consult the...

1.1AI score0.86006EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.61 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle April 2017 Critical Patch Update, plus five additional vulnerabilities Vulnerability Details CVE IDs: CVE-2017-3514 CVE-2017-3512 CVE-2017-3511 CVE-2017-3509 CVE-2017-3544 CVE-2017-3533 CVE-2017-3539 CVE-2017-1289 CVE-2016-9840 CVE-2016-9841...

9.8CVSS6.9AI score0.07489EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:0 a.m.61 views

Security vulnerability found in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2014-0114)

Abstract Information about a security vulnerability affecting IBM WebSphere Application Server shipped as a component of IBM PureApplication System has been published in a security bulletin. Content IBM WebSphere Application Server is shipped as a component of IBM PureApplication System...

7.5CVSS1.8AI score0.95821EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:31 a.m.60 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node.js

Summary Vulnerabilities in Node.js such as remote attacker bypass security restrictions may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2023-30581 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the use of proto in...

8.8CVSS8AI score0.01817EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:56 a.m.60 views

Security Bulletin: Unauthenticated Path Traversal security vulnerability CVE-2023-38366 in IBM Content Navigator in FileNet Content Manager

Summary Unauthenticated Path Traversal security vulnerability CVE-2023-38366 in Administration Console for Content Platform Engine ACCE/IBM Content Navigator ICN in FileNet Content Manager FNCM Vulnerability Details CVEID:CVE-2023-38366 DESCRIPTION: IBM Content Navigator could allow a remote...

5.3CVSS5.3AI score0.00754EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/29 9:9 p.m.60 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for June 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF034 and 23.0.2-IF006. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated...

8.1CVSS9.6AI score0.99999EPSS
Exploits23Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/26 9:40 a.m.60 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...

9.8CVSS9.1AI score0.66594EPSS
Exploits16Affected Software1
Total number of security vulnerabilities5000