Lucene search
K
IbmMost viewed

35744 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2022/04/14 4:25 p.m.•59 views

Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in the BN_mod_sqrt() function (CVE-2022-0778)

Summary OpenSSL is vulnerable to a denial of service due to a flaw in the BNmodsqrt function as described in the vulnerability details section. IBM i has addressed the vulnerability in OpenSSL with a fix as described in the remediation/fixes section. Vulnerability Details CVEID: CVE-2022-0778...

7.5CVSS2.1AI score0.70561EPSS
Exploits2Affected Software4
IBM Security Bulletins
IBM Security Bulletins
•added 2022/03/28 4:18 p.m.•59 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise v11 & v12 (CVE-2021-3711)

Summary Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprsie. The DataDirect ODBC Drivers & Nodejs used by IBM App Connect Enterprise and IBM Integration Bus have addressed the applicable CVEs Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...

9.8CVSS9.9AI score0.87816EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/03/25 6:0 a.m.•59 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.8CVSS8.8AI score0.69803EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/03/12 2:43 a.m.•59 views

Security Bulletin: IBM Spectrum Copy Data Management is vulnerable to Slowloris, HTTP header injection, XSS, and CSRF (CVE-2022-22354, CVE-2022-22344, CVE-2021-39055, CVE-2021-39051)

Summary IBM Spectrum Copy Data Management is vulnerable to Slowloris HTTP denial of service, HTTP header injection, cross-site scripting XSS, and server-side request forgery CSRF attacks. Vulnerability Details CVEID: CVE-2022-22354 DESCRIPTION: IBM Spectrum Protect Plus and IBM Spectrum Copy Data...

7.5CVSS6.2AI score0.00904EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/02/16 10:9 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect ProtecTIER

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by ProtecTIER. ProtecTIER has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability. Vulnerability Details CVEID: CVE-2016-0800...

7.5CVSS8.6AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/01/21 10:22 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment...

9.8CVSS7.4AI score0.14839EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
•added 2022/01/14 10:51 a.m.•59 views

Security Bulletin: Vulnerabilities in Apache Log4j may affect Cúram Social Program Management (CVE-2021-44832 , CVE-2021-45105)

Summary IBM Cúram Social Program Management SPM uses the Apache Log4j libraries for SPM logging infrastructure. There are publicly known vulnerabilities for Apache Log4j which could allow a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2021-44832...

10CVSS2.6AI score0.99999EPSS
Exploits357Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2022/01/07 4:30 a.m.•59 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2021-45105, CVE-2021-44832)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

8.5CVSS1.5AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/12/21 5:52 p.m.•59 views

Security Bulletin: IBM Event Streams affected by multiple vulnerabilities in the Java runtime

Summary IBM Event Streams affected by multiple vulnerabilities in the Java runtime Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of the system. CVSS Base...

9.8CVSS7.3AI score0.14839EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/12/15 6:5 p.m.•59 views

Security Bulletin: Jnuary 2017 OpenSSL Vulnerabilities affect Multiple N series Products

Summary Multiple N series products incorporate the OpenSSL software libraries to provide cryptographic capabilities. OpenSSL versions below 1.0.2k and 1.1.0d are susceptible to vulnerabilities that could lead to out-of-bound reads, process crashes, Denial of Service DoS attacks, or incorrect...

7.5CVSS7.6AI score0.57595EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/10/06 12:37 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in July 2019. Vulnerability Details CVEID: CVE-2019-2766 DESCRIPTION: An unspecified vulnerability in Oracle Ja...

5.8CVSS7.1AI score0.09393EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/10/02 12:20 a.m.•59 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud Pak for Automation

Summary The vulnerabilities are related to Node.js and its modules. Vulnerability Details CVEID: CVE-2021-32804 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient absolute path sanitization. An attacker could use a...

8.2CVSS0.9AI score0.23132EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/10/01 2:49 a.m.•59 views

Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-39275)

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin...

0.6AI score0.36339EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/09/23 1:31 a.m.•59 views

Security Bulletin: Vulnerability in kernel affects Power Hardware Management Console (‪CVE-2016-3134‬‬)

Summary Power Hardware Management Console is affected by security vulnerabilities in the Linux Kernel. Power Hardware Management Console has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-3134 DESCRIPTION: Linux Kernel could allow a remote attacker to execute arbitrary code o...

8.4CVSS1.1AI score0.01234EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/06/28 8:41 p.m.•59 views

Security Bulletin: Vulnerabilities in Python, Tornado, and Urllib3 affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore

Summary IBM Spectrum Protect Plus Microsoft® File Systems backup and restore may be affected by vulnerabilities in Python, Tornado. and Urllib3 such as server-side request forgery, HTTP response splitting, buffer overflow, and man-in-the-middle attacks. Vulnerability Details CVEID: CVE-2021-29921...

9.8CVSS1.2AI score0.23293EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/06/23 1:16 p.m.•59 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by Node.js vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed Node.js vulnerabilities CVE-2021-3450 and CVE-2021-3449 Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a a missing check in the validation logic of X.50...

7.4CVSS0.9AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/06/08 10:33 p.m.•59 views

Security Bulletin: IBM DataPower Gateway may allow a potential DoS when importing malicious ZIP files (CVE-2019-13232)

Summary IBM has addressed CVE-2019-13232 Vulnerability Details CVEID: CVE-2019-13232 DESCRIPTION: Info-ZIP UnZip is vulnerable to a denial of service, caused by mishandling the overlapping of files inside a ZIP container. By persuading a victim to open a specially crafted file, a remote attacker...

3.3CVSS1.8AI score0.00495EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/06/08 10:18 p.m.•59 views

Security Bulletin: A vulnerability in GSKit affects IBM DataPower Gateways (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM DataPower Gateways uses GSKit in certain moduels - namely MQ, ISAM/TAM, JMS. IBM DataPower Gateways has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION:...

4.3CVSS6.3AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/05/14 9:38 p.m.•59 views

Security Bulletin: Multiple CKEditor Vulnerabilities Affect IBM Control Center

Summary Muliple CKEditor vulnerablities affect IBM Control Center. See vulnerability details for descriptions. Vulnerability Details CVEID: CVE-2018-17960 DESCRIPTION: CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could...

6.5CVSS0.9AI score0.04327EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/05/13 9:45 p.m.•59 views

Security Bulletin: Cloud Pak for Security contains security vulnerabilities

Summary Cloud Pak for Security v 1.6.0.1 and earlier contains security vulnerabilities, addressed in Cloud Pak for Security v 1.7.0.0 Vulnerability Details CVEID: CVE-2020-10543 DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the nested regular...

9.8CVSS9.7AI score0.77385EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/03/23 10:13 p.m.•59 views

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.6.0, 8.0.5.40, 8.0.5.35, 8.0.5.30, and 7.0.10.40, used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID:...

5.3CVSS1.5AI score0.04044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/03/11 10:46 a.m.•59 views

Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-14422

Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-14422 Vulnerability Details CVEID: CVE-2020-14422 DESCRIPTION: Python is vulnerable to a denial of service, caused by improper computing hash values in the IPv4Interface and IPv6Interface classes in Lib/ipaddress.py. By...

5.9CVSS1.9AI score0.12826EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/12/16 7:51 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: ...

4.3CVSS1.6AI score0.04044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/10/27 3:51 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for System z (CVE-2015-0138, CVE-2015-0410, CVE-2014-6593)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that is used by Rational Developer for System z. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPO...

5CVSS0.9AI score0.67234EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/07/24 9:16 p.m.•59 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle April 2020 Critical Patch Update minus CVE-2020-2773. The fix for CVE-2020-2773 is targeted for a future release and will be covered by an additional bulletin. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Ja...

8.3CVSS1.4AI score0.0623EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/07/07 5:41 p.m.•59 views

Security Bulletin: Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing

Summary There are some vulnerabilities in the Jackson-Databind library that affects IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID: CVE-2018-7489 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused ...

10CVSS1AI score0.49727EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/06/29 10:30 a.m.•59 views

Security Bulletin: A vulnerability in the IBM Java Runtime affects IBM Rational ClearQuest (CVE-2020-2654)

Summary There is a vulnerability in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. This issue was disclosed as part of the IBM Java SDK updates in January 2020 deferred from Oracle Jan 2020 CPU. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTIO...

6.8CVSS1.3AI score0.03823EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/06/24 2:29 p.m.•59 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2020-4449)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

7.5CVSS0.9AI score0.03932EPSS
Exploits0Affected Software20
IBM Security Bulletins
IBM Security Bulletins
•added 2020/06/12 8:32 p.m.•59 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Spectrum Protect Plus (CVE-2020-1938)

Summary An Apache Tomcat vulnerability which could allow a remote attacker to execute arbitrary code on the system affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-1938 DESCRIPTION: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused...

9.8CVSS2.2AI score0.9927EPSS
Exploits45Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/06/09 3:43 a.m.•59 views

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.6.0 ESR) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.1.0

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-6811, CVE-2020-6805, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807 Vulnerability Details CVEID: CVE-2020-6811 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary commands on the system...

9.8CVSS3.1AI score0.03191EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/06/04 3:26 p.m.•59 views

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by multiple vulnerabilities in libssh2

Summary The following vulnerabilities in libssh2 have been addressed by IBM Integrated Management Module II IMM2. Vulnerability Details CVEID: CVE-2019-3857 DESCRIPTION: libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a...

9.3CVSS1.6AI score0.09219EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2020/05/07 4:6 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (Jan 2020)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker ...

8.1CVSS2.1AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/04/20 2:38 p.m.•59 views

Security Bulletin: Security vulnerabilities in OpenSSL used by Rational Build Forge (CVE-2017-3737 and CVE-2017-3738)

Summary OpenSSL, used by Rational Build Forge, has security vulnerabilities that allows a remote attacker to exploit the application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow...

5.9CVSS0.5AI score0.83645EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/04/10 1:55 a.m.•59 views

Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony

Summary Multiple vulnerabilities exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3, V7.2.1, V7.2.0.2, and V7.1.2, and IBM Platform Symphony V7.1.1 and V7.1 Fix Pack 1. Interim fixes that provide instructions on upgrading the Jackson databind, core, an...

9.8CVSS1.6AI score0.18671EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/03/27 9:4 a.m.•59 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Jan 2020. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE...

8.1CVSS2AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2020/02/28 4:57 p.m.•59 views

Security Bulletin: A vulnerability in Python affects IBM Operations Analytics Predictive Insights (CVE-2019-10160)

Summary Python is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Python within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not use that...

9.8CVSS1.2AI score0.08811EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/06/28 3:35 p.m.•59 views

Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2019-1559)

Summary Security vulnerability affects IBM Watson Explorer Foundational Components. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounte...

5.9CVSS0.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/05/08 8:55 p.m.•60 views

Security Bulletin: IBM DataPower Gateway is affected by a message spoofing vulnerability (CVE-2019-6110)

Summary IBM DataPower Gateway has addressed the following vulnerability. CVE-2019-6110 Vulnerability Details CVEID: CVE-2019-6110 DESCRIPTION: OpenSSH could allow a remote attacker to conduct spoofing attacks, caused by accepting and displaying arbitrary stderr output from the scp server. A...

6.8CVSS1.5AI score0.20906EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/04/15 3:25 p.m.•59 views

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in GNU glibc (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)

Summary IBM Advanced Management Module AMM has addressed the following vulnerabilities in GNU glibc. Vulnerability Details CVEID: CVE-2017-15804 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a buffer overflow, caused by improper bounds checking by glob function in glob.c. By usin...

9.8CVSS1.1AI score0.06219EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/02/20 10:0 p.m.•59 views

Security Bulletin: Vulnerabilities CVE-2018-17199, CVE-2018-17189, and CVE-2019-0190 in the IBM i HTTP Server affect IBM i.

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-0190 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the improper handling of client negotiations by modssl. By sending a specially crafted...

7.5CVSS1.2AI score0.59942EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/01/31 1:45 a.m.•59 views

Security Bulletin: Vulnerabilities in rpm affect IBM Flex System Manager (FSM): (CVE-2013-6435, CVE-2014-8118)

Summary Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Vulnerability Details Abstract Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Content Vulnerability Details: CVE-ID: CVE-2013-6435 Description: RPM...

10CVSS0.9AI score0.07669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2019/01/29 9:10 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Summary Multiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details...

8.1CVSS0.5AI score0.41288EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/11/21 10:55 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in Apache Tomcat, Open SSL, and Apache HTTPD affects Rational Build Forge

Summary Apache Tomcat, Open SSL, and Apache Tomcat have multiple security vulnerabilities that could allow a remote attacker to exploit the Rational Build Forge application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details This section...

9.8CVSS0.3AI score0.51714EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/11/20 12:45 p.m.•59 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11

Summary IBM Integration Bus & IBM App connect Enterprise V11 ship with Node.js version 8 for which multiple vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2018-0737 Description: OpenSSL could allow a local attacker t...

8.8CVSS0.8AI score0.49268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/10/29 7:35 p.m.•59 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Asset and Service Management

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

8.1CVSS1.4AI score0.13872EPSS
Exploits1Affected Software8
IBM Security Bulletins
IBM Security Bulletins
•added 2018/08/03 4:23 a.m.•59 views

Security Bulletin: Vulnerabilities in OpenSSL affect the Cordova platform packaged with Rational Application Developer affecting Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. OpenSSL vulnerabilities were disclosed on January 8, 2015 by t...

5CVSS0.5AI score0.98685EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/18 12:9 a.m.•59 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Summary OpenSSL vulnerabilities were disclosed in June 2015 by the OpenSSL Project. OpenSSL is used by by IBM Storwize V7000 Unified. IBM Storwize V7000 Unified has addressed the applicable CVEs. Vulnerability Details OpenSSL is used in IBM Storwize V7000 Unified for providing communication...

7.5CVSS1.7AI score0.74483EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 2:51 p.m.•59 views

Security Bulletin: Tivoli Management Framework is affected by the following OpenSSL vulnerabilities: CVE-2014-3508 CVE-2014-5139 CVE-2014-3509 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 (POODLE Attack) CVE-2014-3567 CVE-2014-3568.

Summary Tivoli Management Framework is affected by the following OpenSSL vulnerabilities: CVE-2014-3508 CVE-2014-5139 CVE-2014-3509 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 POODLE Attack CVE-2014-3567 CVE-2014-3568...

7.5CVSS0.9AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 5:4 a.m.•59 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearQuest(CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Rational ClearQuest. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

4.3CVSS0.7AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/17 4:57 a.m.•59 views

Security Bulletin: Vulnerability in SSLv3 affects Rational Insight (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Rational Insight. Vulnerability Details CVE-ID: CVE-2014-3566 Description: Product could allow a remote attacker to obtain sensitive informatio...

4.3CVSS0.7AI score0.99999EPSS
Exploits7Affected Software1
Total number of security vulnerabilities5000