Lucene search
K
IbmMost viewed

35692 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/02/07 2:12 a.m.57 views

Security Bulletin: Aspera Web Applications (Faspex, Console) are affected by Apache Vulnerabilities (CVE-2019-0196, CVE-2019-0197, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220)

Summary Aspera Web Applications Faspex, Console have addressed the following Apache Vulnerabilities. Vulnerability Details CVEID: CVE-2019-0220 DESCRIPTION: A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive...

7.5CVSS0.7AI score0.193EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.57 views

Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator

Summary There are multiple security vulnerabilities in Jetty that affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2017-7658 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a...

9.8CVSS0.4AI score0.20985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:9 a.m.57 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL project. OpenSSL is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details CVEID:...

7.5CVSS0.7AI score0.57595EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/27 10:37 a.m.57 views

Security Bulletin: IBM MQ Appliance affected by HTTP/2 vulnerabilities (CVE-2019-9511 and CVE-2019-9513)

Summary IBM MQ Appliance has addressed the following HTTP/2 vulnerabilities. Vulnerability Details CVEID: CVE-2019-9513 DESCRIPTION: Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and...

7.8CVSS1.6AI score0.82017EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/02 2:17 p.m.57 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Cloud Foundry - Python (CVE-2019-9947, CVE-2019-9948)

Summary Security Vulnerabilities affect IBM Cloud Private Cloud Foundry - Python CVE-2019-9947, CVE-2019-9948 Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection...

9.1CVSS0.4AI score0.11844EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.57 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by a jQuery vulnerability (CVE-2015-9251)

Summary IBM Tivoli Netcool Impact has addressed the following jQuery vulnerability. Vulnerability Details CVEID: CVE-2015-9251 DESCRIPTION: jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing...

6.1CVSS1.1AI score0.29726EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.57 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Summary The following security issues have been identified in the WebSphere Application Server and IHS server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID: CVE-2019-0220 DESCRIPTION: A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When...

7.8CVSS0.4AI score0.81466EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.57 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM i

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability. Vulnerability Details CVEID: CVE-2016-0800...

10CVSS1.3AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/17 2:40 p.m.57 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed the following vulnerabilities in Node.js CVE-2019-9511, CVE-2019-9516, CVE-2019-9512, CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9513, CVE-2019-9514 Vulnerability Details CVEID: CVE-2019-9511 DESCRIPTION: Some HTTP/2 implementation...

7.8CVSS0.3AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/14 5:10 p.m.57 views

Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM WebSphere Application Server Patterns (CVE-2019-0211 CVE-2019-0220)

Summary IBM HTTP Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin. Vulnerability Details Please consult the following security bulletin for vulnerability...

7.8CVSS0.9AI score0.65005EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/02 8:10 a.m.57 views

Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.10 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions o...

9.8CVSS3.3AI score0.09646EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/21 12:35 p.m.57 views

User B cannot see a message notification in the Bulletins icon same as user A sees it.

Problem The issue is regarding bulletin board notification when you log into Maximo, a user has created a bulletin board and filled all the details. The Bulletin Board has been published. If another user logs into Maximo, he/she doesn't see the notification on the Bulletin Board icon instantly...

7.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/28 8:20 p.m.57 views

Security Bulletin: Multiple vulnerabilities in IBM GSKit affect Rational Directory Server (Tivoli)

Summary There are multiple security vulnerabilities in IBM® GSKit version 8. GSKit is used by IBM Rational Directory Server Tivoli. Vulnerability Details CVEID: CVE-2018-1427 DESCRIPTION: IBM GSKit contains several environment variables that a local attacker could overflow and cause a denial of...

9.1CVSS0.6AI score0.0251EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/02 2:15 p.m.57 views

Security Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX

Summary There are multiple vulnerabilities in GSKit that affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX. Vulnerability Details CVEID: CVE-2018-1388 DESCRIPTION: GSKit V7 may disclose side channel information via discrepencies between valid and invalid PKCS1 padding...

9.1CVSS0.4AI score0.0251EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/17 2:30 p.m.57 views

Security Bulletin: Vulnerabilities in MariaDB affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in MariaDB. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-2819 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server InnoDB component could allow an authenticated attacker to cause a...

7.7CVSS1.7AI score0.0401EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/11/09 2:30 p.m.57 views

Security Bulletin: Security vulnerability has been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2018-11784)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about a security vulnerability affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-11784 DESCRIPTION: Apache Tomcat could...

4.3CVSS0.94494EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/11/07 3:25 p.m.57 views

Security Bulletin: Node.js as used in IBM QRadar Packet Capture is susceptible to multiple vulnerabilities

Summary Node.js as used in IBM QRadar Packet Capture has been updated to resolve multiple vulnerabilities Vulnerability Details CVEID: CVE-2018-7158 Description: Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this...

8.8CVSS0.9AI score0.09916EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/24 5:25 p.m.57 views

Security Bulletin: Vulnerability in OpenSSH affects AIX (CVE-2018-15473)

Summary Vulnerability in OpenSSH affects AIX. Vulnerability Details CVEID: CVE-2018-15473 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by different responses to valid and invalid authentication attempts. By sending a specially crafted request, an...

5.3CVSS0.3AI score0.98631EPSS
Exploits23Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/04 4:15 a.m.57 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache Derby vulnerability (CVE-2018-1313)

Summary IBM Tivoli Netcool Impact has addressed the following Apache Derby vulnerability. Vulnerability Details CVEID: CVE-2018-1313 DESCRIPTION: Apache Derby could allow a remote attacker to bypass security restrictions, caused by improper validation of network packets received. By sending a...

5.3CVSS1.2AI score0.04504EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.57 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Manager with OpenStack

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.0.10.10 used by IBM Cloud Manager with OpenStack. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10346 DESCRIPTION: An unspecified...

9.6CVSS1.1AI score0.16181EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/20 6:56 p.m.57 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private

Summary IBM Cloud Private is vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-5146 DESCRIPTION: libvorbis, as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds memory write. By persuading...

10CVSS1.3AI score0.79855EPSS
Exploits30Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:35 a.m.57 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Systems Director Platform Agent (CVE-2017-3731, CVE-2017-3732)

Summary There are multiple vulnerabilities addressed in OpenSSL that is used by IBM Systems DirectorISD Platform Agent. These OpenSSL vulnerabilities were disclosed in January 2017 by the OpenSSL Project. Vulnerability Details CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a denial of...

7.5CVSS0.1AI score0.57595EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:34 a.m.57 views

Security Bulletin: Vulnerabilities in mariadb affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in Oracle MySQL Server mariadb. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3492 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote...

10CVSS1.3AI score0.6773EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:30 a.m.57 views

Security Bulletin: Multiple vulnerabilities in the GNU C Library (glibc) affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in GNU glibc. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nssdns backend for the...

8.1CVSS1.2AI score0.89557EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.57 views

Security Bulletin: A security vulnerability with openssh affects IBM Flex System Manager (CVE-2015-5600)

Summary A security vulnerability has been identified in openssh that is contained in the IBM Flex System Manager FSM. This bulletin addresses the vulnerability. Vulnerability Details CVEID: CVE-2015-5600 DESCRIPTION: OpenSSH could allow a local attacker to obtain sensitive information, caused by ...

8.5CVSS0.7AI score0.09302EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:28 a.m.57 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects PowerKVM (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects PowerKVM. Vulnerability Details CVE Information: copy/paste-able; will update after page submission. Provided by system to make it easy to cut and paste data. CVEID: CVE-2015-4000 DESCRIPTION: T...

4.3CVSS0.4AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:27 a.m.57 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM SDN VE (CVE- 2011-4905, CVE-2013-0248,CVE-2014-0050,CVE-2014-3577,CVE-2014-0054,CVE- 2013-7315,CVE-2013-6429,CVE-2014-0119,CVE-2014-0099,CVE-2014-1904)

Summary Security vulnerabilities have been discovered in Apache Tomcat. Vulnerability Details CVEID: CVE-2011-4905 DESCRIPTION: Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire...

7.5CVSS2.5AI score0.91354EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:26 a.m.57 views

Security Bulletin: Vulnerabilities in Bash affect IBM SDN VE (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM SDN VE. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: G...

10CVSS2.7AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.57 views

Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.0.0 to 1.5.2.1 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of...

10CVSS3.5AI score0.70226EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.57 views

Security Bulletin: Open Source Mozilla Firefox vulnerability in IBM SONAS (CVE-2015-0801, CVE-2015-0807, CVE-2015-0813, CVE-2015-0815, CVE-2015-0816,CVE-2015-0817, CVE-2015-0818, CVE-2015-2708, CVE-2015-2709)

Summary A fix is available for IBM SONAS, for the Open Source Mozilla Firefox security vulnerabilities found inMarch 2015. Vulnerability Details IBM SONAS is shipped with Mozilla Firefox.There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of IBM SONAS. Thi...

7.5CVSS2.3AI score0.67135EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.57 views

Security Bulletin: Vulnerabiltiies in OpenSSL affect IBM SONAS (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by IBM SONAS. IBM SONAS has addressed the applicable CVEs and included the SSL 3.0 Fallback protection TLSFALLBACKSCSV provided by OpenSS...

7.1CVSS1.5AI score0.37072EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.57 views

Security Bulletin: Vulnerabilities in Bash affect TSSC (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by TSSC.. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: GNU Ba...

10CVSS1.2AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.57 views

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release

Summary Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release Vulnerability Details CVEID: CVE-2016-5018 DESCRIPTION: Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a...

9.1CVSS0.8AI score0.10303EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:10 a.m.57 views

Security Bulletin: IBM Software Delivery and Lifecycle Patterns for the glibc vulnerabilities (CVE-2015-7547)

Summary IBM Software Delivery and Lifecycle Patterns requires client action for the glibc vulnerabilities. The GNU C Library glibc is vulnerable to a heap-based buffer overflow, a local attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with ro...

8.1CVSS2.1AI score0.89557EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 4:59 a.m.57 views

Security Bulletin: Rational RequisitePro affected by Java vulnerabilities (CVE-2014-4244, CVE-2014-4263)

Summary This bulletin covers remediation measures for the CVEs published in Oracle's July 2014 CPU that affect Rational RequisitePro. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires...

4CVSS1.7AI score0.03501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:3 p.m.57 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in October 2017. IBM Security Guardium has addressed the se vulnerabilities Vulnerability Details CVEID:...

9.8CVSS0.9AI score0.16181EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:45 p.m.57 views

Security Bulletin: GNU C library (glibc) vulnerabilities affect IBM Security Network Active Bypass (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779)

Summary GNU C library glibc vulnerabilities were found that affect IBM Security Network Active Bypass. Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an...

9.8CVSS1.5AI score0.05966EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:38 p.m.57 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)

Summary Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. IBM Security Access Manager for...

9.8CVSS2.2AI score0.10238EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:31 p.m.57 views

Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600)

Summary A security vulnerability has been discovered in OpenSSH used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-5600 DESCRIPTION: OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication...

8.5CVSS1.2AI score0.09302EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:19 p.m.57 views

Security Bulletin: Vulnerabilities in Bash affect IBM Security Access Manager for Mobile and IBM Security Access Manager for Web (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM Security Access Manager for Mobile and IBM Security Access Manager...

10CVSS1.7AI score0.99999EPSS
Exploits158Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:17 p.m.57 views

Security Bulletin: IBM Security Proventia Network Active Bypass is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...

7.5CVSS0.6AI score0.99999EPSS
Exploits89Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:45 p.m.57 views

Security Bulletin: Mutiple vulnerabilities in zlib affect IBM ILOG CPLEX Optimization Studio

Summary The gz feature, provided by the open source zlib, is used to decompress files automatically. A denial of service may be caused by four potential vulnerabilities. Vulnerability Details CVEID: CVE-2016-9840 DESCRIPTION: zlib is vulnerable to a denial of service, caused by an out-of-bounds...

9.8CVSS0.7AI score0.07489EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:42 p.m.57 views

Security Bulletin: Multiple Vulnerabilities in Struts affect IBM InfoSphere Information Server

Summary Struts vulnerabilities affect IBM InfoSphere Information Server. IBM InfoSphere Information Server has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-4430 DESCRIPTION: Apache Struts is vulnerable to cross-site request forgery, caused by improper validation of...

10CVSS0.9AI score0.9373EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:48 p.m.57 views

Security Bulletin: IBM OpenPages GRC Platform Web Applications are NOT vulnerable to (CVE-2017-9805 , CVE-2017-9804, CVE-2017-9793)

Summary IBM OpenPages GRC Platform Web Applications are NOT vulnerable to Apache Struts 2 vulnerabilities CVE-2017-9805 , CVE-2017-9804 and CVE-2017-9793 Vulnerability Details For more information on Struts 2 vulnerabilities, please consult Apache Security Bulletins CVE-2017-9805 , CVE-2017-9804...

8.1CVSS3.3AI score0.99461EPSS
Exploits23Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.57 views

Security Bulletin: API Connect Developer Portal is affected by Drupal vulnerability (CVE-2018-7600)

Summary IBM API Connect has addressed the following vulnerabilities. API Connect Developer Portal is impacted by Drupal vulnerability: Drupal could allow a remote attacker to execute arbitrary code on the system, caused by an error within multiple subsystems. An attacker could exploit this...

9.8CVSS7.9AI score0.99993EPSS
Exploits46Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/17 3:8 p.m.56 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-11168 DESCRIPTION: The urllib.parse.urlsplit and urlparse functions improperl...

8.8CVSS7.8AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 11:52 p.m.56 views

Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in...

9.3CVSS9.6AI score0.02761EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/30 9:37 p.m.56 views

Security Bulletin: IBM® Db2® is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT (CVE-2023-38729)

Summary IBM® Db2® is vulnerable to sensitive information disclosure when using ADMINCMD with IMPORT or EXPORT. Note: In addition to applying Special Build, registry variable DB2LOADRESTRICTEDIOPATH needs to be set to USEEXTBLLOCATION 11.1 or later, or one or more semi-colon separated paths. When...

6.8CVSS6.1AI score0.00567EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:21 a.m.56 views

Security Bulletin: Multiple vulnerabilities affect PowerSC and PowerSC MFA

Summary There are multiple vulnerabilities in PowerSC and PowerSC MFA. Vulnerability Details CVEID:CVE-2023-50939 DESCRIPTION: IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:...

9.8CVSS7AI score0.00663EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:0 a.m.56 views

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

7.5CVSS7.4AI score0.99019EPSS
Exploits17Affected Software1
Total number of security vulnerabilities5000