Lucene search
K
IbmMost viewed

35634 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2019/10/14 11:5 p.m.56 views

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cloud Private

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Cloud Private. IBM Cloud Private has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate yo...

8.4CVSS0.8AI score0.04351EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/17 3:32 p.m.56 views

Security Bulletin: IBM Security Privileged Identity Manager has released a fixpack in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following a fixpack for IBM Security Privileged Identity Manager in response to CVE-2017-5753 and CVE-2017-5754 Vulnerability Details CVEID: CVE-2017-5753 DESCRIPTION: Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to...

5.6CVSS0.8AI score0.93838EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/04 10:55 a.m.56 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerabilities (CVE-2019-9512, CVE-2019-9514)

Summary IBM Cloud Kubernetes Service is affected by security vulnerabilities in the net/http library of the Go language that affects all Kubernetes components. These vulnerabilities can result in a denial-of-service attack against a process with an HTTP or HTTPS listener CVE-2019-9512 and...

7.8CVSS0.2AI score0.83433EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/25 7:40 p.m.56 views

Security Bulletin: Open Source VMware Fusion Vulnerabilities in IBM Pure Application System (CVE-2017-4903, CVE-2017-4904, CVE-2017-4905)

Summary Multiple vulnerabilities in Open Source VMware affects IBM PureApplication System. IBM PureApplication System has addressed Common Vulnerabilities Exposures CVE-2017-4903, CVE-2017-4904, CVE-2017-4905. Additionally this bulletin includes information about the release of fix for Common...

8.8CVSS1.2AI score0.03157EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/05 6:20 a.m.56 views

Security Bulletin: IBM MessageSight/MessageGateway is affected by the following jQuery vulnerability

Summary IBM MessageSight/MessageGateway has addressed the following jQuery vulnerability: CVE-2019-11358: jQuery mishandles jQuery.extendtrue, , ... Vulnerability Details CVEID: CVE-2019-11358 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper...

6.1CVSS0.9AI score0.87218EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/15 8:55 p.m.56 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private Kubernetes

Summary Multiple Security Vulnerabilities affect IBM Cloud Private Kubernetes Vulnerability Details CVEID: CVE-2019-4119 DESCRIPTION: IBM Cloud Private Kubernetes API server can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. CVSS Base Score: 3.1 CVSS...

8.1CVSS0.4AI score0.13164EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/25 7:45 a.m.56 views

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. Vulnerability Details CVEID: CVE-2018-11759 DESCRIPTION: Apache Tomcat JK modjk Connector could allow a remote attacker to traverse directories on the system, caused by the improper handli...

8.1CVSS0.8AI score0.90647EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/28 3:15 p.m.56 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities for IBM WebSphere Liberty Server

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to multiple security vulnerabilities. There are multiple vulnerabilities in IBM® WebSphere Liberty Server, Version 18.0.0.4 included in this release of IGI. These issues were disclosed as par...

9.8CVSS0.9AI score0.13872EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/01 9:20 p.m.56 views

Security Bulletin: IBM OpenPages GRC Platform is affected by Apache POI vulnerability (CVE-2017-12626)

Summary IBM OpenPages GRC Platform has addressed Apache POI vulnerability CVE-2017-12626 Vulnerability Details CVEID: CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG and macros and specially crafted DOC, PPT and...

7.5CVSS0.8AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:40 a.m.56 views

Security Bulletin: Vulnerabilities in expat affect IBM Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in expat CVE-2017-9233 CVE-2016-9063 Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in expat CVE-2017-9233 CVE-2016-9063 Vulnerability Details CVEID:...

9.8CVSS1AI score0.08739EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.56 views

Security Bulletin: Vulnerabilities in cURL affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in cURL. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in cURL. Vulnerability Details: CVEID: CVE-2016-8615 Description: cURL/libcurl is vulnerable t...

9.8CVSS1.2AI score0.05915EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.56 views

Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)

Summary Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details Abstract Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details CVE-ID: CVE-2014-2653...

6.8CVSS0.8AI score0.51436EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:25 a.m.56 views

Security Bulletin: Security vulnerability has been identified in IBM Systems Director, Tivoli Common Reporting shipped with IBM Systems Director Editions (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)

Summary IBM Systems Director, Tivoli Common Reporting is shipped as a compo-nent of IBM Systems Director Editions. Information about a security vul-nerability affecting IBM Systems Director, Tivoli Common Reporting has been published in a security bulletin. Vulnerability Details Abstract IBM...

0.5AI score0.99977EPSS
Exploits13Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/24 5:25 p.m.56 views

Security Bulletin: Vulnerability in OpenSSH affects AIX (CVE-2018-15473)

Summary Vulnerability in OpenSSH affects AIX. Vulnerability Details CVEID: CVE-2018-15473 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by different responses to valid and invalid authentication attempts. By sending a specially crafted request, an...

5.3CVSS0.3AI score0.98631EPSS
Exploits23Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/14 6:45 p.m.56 views

Security Bulletin: Aspera OnDemand is affected by an openSSL vulnerability (CVE-2017-3736)

Summary Aspera OnDemand has addressed the following openSSL vulnerability. Vulnerability Details CVEID: CVE-2017-3736 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x8664 Montgomery squaring function bnsqrx8xinternal. ...

6.5CVSS1.4AI score0.10133EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.56 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Rational Business Developer (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attach for SSL/TLS affects IBM Rational Business Developer. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could...

5CVSS0.8AI score0.74006EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/25 2:31 p.m.56 views

Security Bulletin: IBM QRadar Network Security has released fixpack in response to the vulnerabilities known as Spectre and Meltdown

Summary IBM has released the following fixpack for IBM QRadar Network Security in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 CVEID: CVE-2017-5715 Affected Products and Versions IBM QRadar Network Security 5.4.0...

5.6CVSS3.2AI score0.93838EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 8:34 a.m.56 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2017-7679, CVE-2017-7668, CVE-2017-3167)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

9.8CVSS0.9AI score0.57472EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:24 a.m.56 views

Security Bulletin: IBM SDN for Virtual Environments is affected by a vulnerability in OpenSSL (CVE-2014-0160)

Summary A security vulnerability has been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability...

7.5CVSS0.1AI score0.99999EPSS
Exploits87Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:32 a.m.56 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem model V840

Summary There are vulnerabilities in Apache Tomcat to which the IBM® FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities CVE-2016-6816, CVE-2016-6817, and CVE-2016-6796 could allow a remote attacker to obtain sensitive information, cause an application to enter an infinite loop,...

7.5CVSS0.6AI score0.39633EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.56 views

Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.0.0 to 1.5.2.1 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of...

10CVSS3.5AI score0.70226EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.56 views

Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. IBM SmartCloud Provisioning for IBM Software Virtual Appliance has addressed the applicable CVEs including the vulnerability commonly referred to as...

7.5CVSS0.7AI score0.3693EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.56 views

Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning V2.1 for IBM Software Virtual Appliance. Please note product software support discontinuance as per IBM Withdrawal Announcement 916-016. For withdrawal announcement information details see the Reference section below...

7.5CVSS1.2AI score0.0361EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.56 views

Security Bulletin: Vulnerability in GNU C library (glibc) affects SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance CVE-2015-0235. IBM recommends that you review your entire environment to identify vulnerable releases of the above packages including your...

10CVSS1.2AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.56 views

Security Bulletin: Multiple Security Vulnerabilities in Apache Tomcat affect IBM Rational License Key Server Administration and Reporting Tool

Summary Apache Tomcat is shipped as a component of RLKS Administration and Reporting Tool RLKS ART which contains multiple security vulnerabilities that could potentially impact ART. Vulnerability Details CVEID: CVE-2017-5647 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...

9.8CVSS1.1AI score0.99988EPSS
Exploits37Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:3 p.m.56 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in October 2017. IBM Security Guardium has addressed the se vulnerabilities Vulnerability Details CVEID:...

9.8CVSS0.9AI score0.16181EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:2 p.m.56 views

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in bash (CVE-2016-9401, CVE-2016-7543, CVE-2016-0634)

Summary IBM QRadar Network Security has addressed vulnerabilities in bash. Vulnerability Details CVEID: CVE-2016-9401 DESCRIPTION: GNU Bash could allow a local attacker to bypass security restrictions, caused by a use-after-free error. An attacker could exploit this vulnerability using a speciall...

8.4CVSS7.7AI score0.06019EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:2 p.m.56 views

Security Bulletin: IBM Security Guardium is affected by Using Components with Known vulnerabilities (multiple CVEs)

Summary IBM Security Guardium is affected by Using Components with Known vulnerabilities. IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2014-3584 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received...

10CVSS1.4AI score0.63029EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:45 p.m.56 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Security Network Controller

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Controller. IBM Security Network Controller has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacke...

10CVSS1.3AI score0.89058EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.56 views

Security Bulletin: Vulnerabilities in Ntp affect IBM Security Identity Governance

Summary Vulnerabilities in Network Time Protocol NTP that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2015-5194 DESCRIPTION: Network Time Protocol NTP is vulnerable to a denial of service, caused by an uninitialized variable when processing malicious commands. By...

7.5CVSS1.1AI score0.15081EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:38 p.m.56 views

Security Bulletin: Vulnerabilities in Net-SNMP affect IBM Security Access Manager for Web (CVE-2014-3565, CVE-2015-5621)

Summary IBM Security Access Manager for Web is affected by denial of service vulnerabilities in Net-SNMP. Vulnerability Details CVEID: CVE-2014-3565 DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by the improper handling of SNMP traps when started with the "-OQ" option. By...

7.5CVSS1.3AI score0.40002EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:31 p.m.56 views

Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600)

Summary A security vulnerability has been discovered in OpenSSH used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-5600 DESCRIPTION: OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive authentication...

8.5CVSS1.2AI score0.09302EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:6 p.m.56 views

Security Bulletin: Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience on Cloud Network Capture Add-On. IBM Tealeaf Customer Experience on Cloud Network Capture Add-On has addressed the applicable CVEs. Multiple...

9.8CVSS1.2AI score0.63029EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.56 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle October 2016 Critical Patch Update Vulnerability Details CVE IDs: CVE-2016-5582 CVE-2016-5568 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as...

9.6CVSS6.8AI score0.05437EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/17 3:8 p.m.55 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-11168 DESCRIPTION: The urllib.parse.urlsplit and urlparse functions improperl...

8.8CVSS7.8AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/02 3:58 p.m.55 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

9.8CVSS10AI score0.99019EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/01 5:59 p.m.55 views

Security Bulletin: Waitress WSGI Server Vulnerability: HTTP Pipelining Request Handling with Disabled Lookahead

Summary Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and...

9.1CVSS7AI score0.00496EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/19 5:12 p.m.55 views

Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities Vulnerability Details CVEID:CVE-2020-13949 DESCRIPTION: Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploi...

9.8CVSS9.7AI score0.23293EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:11 a.m.55 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.7.1 Vulnerability Details CVEID:CVE-2024-39705 DESCRIPTION: Natural Language Toolkit NLTK could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when an untrusted packages have...

10CVSS10AI score0.01421EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 6:21 p.m.55 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.9.0 Vulnerability Details CVEID:CVE-2025-25184 DESCRIPTION: Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by...

9.8CVSS10AI score0.62474EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:55 a.m.55 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS10AI score0.09304EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:32 a.m.55 views

Security Bulletin: Multiple Vulnerabilities in Apache Ivy affect IBM Cloud Pak System

Summary Vulnerabilities found in Apache Ivy affect IBM Cloud Pak SystemCVE-2022-46751, CVE-2022-2765,CVE-2022-37866. Vulnerability Details CVEID:CVE-2022-46751 DESCRIPTION: Apache Ivy could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...

9.8CVSS7.9AI score0.01855EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 11:48 a.m.55 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2024 and January 2025

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF039 and 24.0.0-IF004. Vulnerability Details CVEID:CVE-2023-48161 DESCRIPTION: GifLib Project GifLib could allow a local attacker to obtain sensitive information, caused by a heap-based buff...

9.2CVSS10AI score0.66594EPSS
Exploits3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 7:32 p.m.55 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included

Summary There are multiple vulnerabilities, used by IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-26643 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to page fault...

7.8CVSS9.6AI score0.01075EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 6:6 p.m.55 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

9.9CVSS9.7AI score0.99506EPSS
Exploits69Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/29 9:5 p.m.55 views

Security Bulletin: Operations Dashboard is vulnerable to denial of service due to Go (CVE-2023-24534)

Summary Operations Dashboard is vulnerable to denial of service due to Go CVE-2023-24534 with details below. Vulnerability Details CVEID:CVE-2023-24534 DESCRIPTION: HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial o...

7.5CVSS8.4AI score0.01888EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/03 11:11 a.m.55 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle July 2024 Critical Patch Update. Vulnerability Details CVEID: CVE-2024-21011 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impact. CVSS...

3.7CVSS4.7AI score0.01361EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/10 3:11 a.m.55 views

Security Bulletin: IBM Data Virtualization on Cloud Pak for Data is vulnerable to OpenSSH vulnerability CVE-2024-6387

Summary IBM Data Virtualization on Cloud Pak for Data embeds a variant of the IBM Db2 database server that runs in MPP mode. For MPP functionality such as scale-out, internally the server uses the secure shell SSH protocol for inter-pod communication. SSH protocol is not exposed to external users...

8.1CVSS8.6AI score0.99506EPSS
Exploits68Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/11 5:24 p.m.55 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in the open source zlib library. (CVE-2023-45853)

Summary IBM® Db2® is affected by a vulnerability in the open source zlib library. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caused by an integer overflow and resultant heap-based buffer overflow in the zipOpenNewFileInZip464 function. By...

9.8CVSS9.5AI score0.02918EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/06 4:19 a.m.55 views

Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to security bypass due to PostgreSQL (CVE-2024-0985)

Summary IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-0985 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when...

8CVSS8.3AI score0.01465EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000