Lucene search
K
IbmMost viewed

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/07/02 9:54 a.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 Service Refresh 5 Fix Pack 37 and earlier releases used by IBM Platform Symphony and IBM Spectrum Symphony. IBM Platform Symphony and IBM Spectrum Symphony have addressed the applicable CVEs. Vulnerability...

9.8CVSS8.2AI score0.09393EPSS
Exploits3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/29 3:29 p.m.53 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2021-3449, CVE-2021-3450)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL...

7.4CVSS1AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.53 views

Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5

Summary OpenSSH vulnerabilities were disclosed on July 22 , August 10, and October19, 2016 by the OpenSSH Project. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSH and OpenSSL are used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed...

9.8CVSS9AI score0.95707EPSS
Exploits25Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/14 9:27 p.m.53 views

Security Bulletin: Multiple Apache Tomcat Vulnerabilities Affect IBM Control Center

Summary Multiple Apache Tomcat vulnerabilities affect IBM Control Center. See vulnerability details for descriptions. Vulnerability Details CVEID: CVE-2020-9484 DESCRIPTION: Apache Tomcat could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

7.5CVSS8.3AI score0.87553EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/13 7:23 p.m.53 views

Security Bulletin: A security vulnerability in Node.js xmldom and msgpack5 module affects IBM Cloud Pak for Multicloud Management Managed Service

Summary A security vulnerability in Node.js xmldom and msgpack5 module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2021-21366 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass security restrictions, caused by improper...

8.8CVSS2.1AI score0.01649EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/04 10:30 p.m.53 views

Security Bulletin: Issues in IBM® Java™ SDK Technology Edition affects IBM Security Identity Manager Virtual Appliance (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)

Summary There are multiple vulnerabilities in IBM® Java™ SDK Technology Edition used by IBM Security Identity Manager Virtual Appliance. IBM Security Identity Manager Virtual Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified...

4.3CVSS2.6AI score0.04044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.53 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

8.1CVSS0.6AI score0.99988EPSS
Exploits39Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/20 6:50 a.m.53 views

Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)

Summary Apache Solr is vulnerable to Remote Code Execution. This has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the VelocityResponseWriter, an...

7.5CVSS2.2AI score0.98567EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/09 3:15 a.m.53 views

Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities

Summary IBM QRadar Network Security has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-13734 DESCRIPTION: Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in SQLite. By persuading a victim to visi...

8.8CVSS1.1AI score0.07417EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/01 9:5 p.m.53 views

Security Bulletin: Multiple vulnerabilities in Kubernetes affect IBM InfoSphere Information Server

Summary Muiltiple vulnerabilities in Kubernetes that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2019-9512 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2...

8.2CVSS0.7AI score0.87806EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/23 3:55 p.m.53 views

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to Node.js vulnerabilities (CVE-2020-1971, CVE-2020-8265, and CVE-2020-8287)

Summary IBM Cloud Pak for Integration is vulnerable to Node.js vulnerabilities CVE-2020-1971, CVE-2020-8265, and CVE-2020-8287 with details of each below. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If...

8.1CVSS0.3AI score0.16296EPSS
Exploits6Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/16 6:52 a.m.53 views

Security Bulletin: A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (CVE-2020-13434, CVE-2020-13435)

Summary A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender Vulnerability Details CVEID: CVE-2020-13435 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a...

5.5CVSS3.1AI score0.01013EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/01 8:57 p.m.53 views

Security Bulletin: Vulnerability in Curl affects PowerSC (CVE-2020-8231)

Summary There is a vulnerability in Curl that affects PowerSC. Vulnerability Details CVEID: CVE-2020-8231 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the improper handling of the CURLOPTCONNECTONLY option. The raw data is sent over that...

7.5CVSS0.3AI score0.03721EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/29 2:23 p.m.53 views

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Z Development and Test Environment - Jan 2021

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Z Development and Test Environment. The issue was disclosed as part of the IBM Java SDK updates in October 2020 CVE-2020-14577 Vulnerability Details CVEID: CVE-2020-14577 DESCRIPTION: An unspecifi...

4.3CVSS1.1AI score0.03284EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/20 3:24 p.m.53 views

Security Bulletin: Vulnerabilities in OpenSSL affect GCM16 & GCM32 KVM Switch Firmware

Summary IBM GCM16 & GCM32 KVM Switch Firmware have addressed the following vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: OpenSSL could allow a local authenticated attacker to obtain sensitive information, caused by the ability to construct an EC group missing...

4.7CVSS0.3AI score0.03838EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/17 2:31 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14621)

Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14621 DESCRIPTION: An unspecified...

5.3CVSS1.5AI score0.04315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/19 4:56 p.m.53 views

Security Bulletin: IBM Security Guardium is affected by vulnerabilities in DB2, which Guardium ships

Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2008-4692 DESCRIPTION: An unspecified error in IBM DB2 related to the failure to drop views and triggers within the Native Managed Provider for .NET has an unknown impact and attack vector. CVSS Base...

10CVSS0.9AI score0.26989EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/07 9:15 p.m.53 views

Security Bulletin: Steps to update DataQuant Wrokstation ans DataQuant WebSphere plugins.

Summary Query is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the HTML function. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use...

6.9CVSS0.3AI score0.99019EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 5:34 p.m.53 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Netty (CVE-2019-20445, CVE-2019-20444)

Summary Security vulnerabilities affect IBM Cloud Private Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploi...

9.1CVSS0.4AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/23 12:38 p.m.53 views

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs Vulnerability Details CVEID: CVE-2020-12655 DESCRIPTION: Linux Kernel could allow a local attacker to bypass security restrictions, caused by a flaw in the xfsagfverify function in...

5.5CVSS0.3AI score0.00461EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/08 8:36 p.m.53 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Predictive Insight

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Predictive Insight. IBM Predictive Insight has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability. Vulnerability...

10CVSS9.2AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 9:46 p.m.53 views

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Tomcat 7.099 (CVE-2020-13935)

Summary Apache Tomcat 7.099 is vulnerable to a denial of service, caused by improper validation of the payload length in a WebSocket frame. By sending multiple requests with invalid payload lengths, a remote attacker could exploit this vulnerability to cause the application to enter into an...

7.5CVSS0.8AI score0.87553EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/10 12:46 p.m.53 views

Security Bulletin: IBM Event Streams is affected by multiple Java vulnerabilities

Summary IBM Event Streams is affected by multiple Java vulnerabilities in the Java runtime Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to take control of the...

8.3CVSS1.3AI score0.0623EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/05 6:13 a.m.53 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Version that is used by Tivoli Netcool Performance Manager. This issues is disclosed as part of the IBM Java SDK updates for April 2020. Information about a security vulnerability affecting IBM WebSphere Application Server ha...

0.1AI score0.03823EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.53 views

Security Bulletin: Vulnerability in GSKit affects IBM Sterling Connect:Direct for UNIX (CVE-2016-2183)

Summary An OpenSSL vulnerability disclosed by the OpenSSL Project affects GSKit. IBM Sterling Connect:Direct for UNIX uses GSKit and therefore is also vulnerable. This vulnerability is known as the SWEET32 Birthday attack. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allo...

7.5CVSS0.4AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/20 8:9 p.m.53 views

Security Bulletin: WML CE: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.

Summary Tensorflow uses SQLite as its embedded SQL database engine. SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c so it has been updated to 3.32.3 in WML CE. Vulnerability Details CVEID: CVE-2020-13435 DESCRIPTION: SQLite is vulnerable to a denial of service,...

5.5CVSS1.5AI score0.01013EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/18 9:14 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2019 and January 2020. Vulnerability Details CVEID: CVE-2020-2593...

7.2CVSS1.2AI score0.0404EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/23 1:50 p.m.53 views

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Cloud App Management (CVE-2020-2593)

Summary An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. This vulnerability has been addressed by IBM Cloud App Management in a later...

5.8CVSS2.2AI score0.02984EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/27 10:36 a.m.53 views

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. Vulnerability Details CVEID: CVE-2019-10092 DESCRIPTION: In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacke...

6.1CVSS0.2AI score0.81466EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/11 6:43 a.m.53 views

Security Bulletin: Security Vulnerability in OpenSSL affect IBM Netezza Analytics

Summary OpenSSL is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-1552 DESCRIPTION: OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification...

3.3CVSS1AI score0.00678EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/07 2:17 a.m.53 views

Security Bulletin: Aspera Web Application (Faspex, Console, Orchestrator, Shares) are affected by Apache vulnerabilities (CVE-2019-9517, CVE-2019-10097)

Summary Aspera Web Application Faspex, Console, Shares, Orchestrator have affected the following Apache vulnerabilities. Vulnerability Details CVEID: CVE-2019-9517 DESCRIPTION: Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of...

7.8CVSS1.7AI score0.52873EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/07 2:2 a.m.53 views

Security Bulletin: Aspera Web Applications (Faspex, Console, Shares) are affected by Apache Vulnerabilities (CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098), )

Summary Aspera Web Applications Faspex, Console, Shares have addressed the following Apache vulnerabilities. Vulnerability Details CVEID: CVE-2019-10081 DESCRIPTION: HTTP/2 2.4.20 through 2.4.39 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory ...

9.1CVSS0.3AI score0.81466EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 9:21 p.m.53 views

Security Bulletin: Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local

Summary Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-5482 DESCRIPTION: Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVSS Base score: 6.3 CVSS Temporal Score: See:...

9.8CVSS0.8AI score0.17939EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/19 9:1 p.m.53 views

Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilties

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in October 2018, January 2019, April 2019, July 2019 and October 2019. IBM Cognos Business Intelligence...

9.8CVSS0.7AI score0.94494EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/19 4:54 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5, 6, and 7 that are used by Tivoli Netcool/OMNIbus. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack...

5.4CVSS1.7AI score0.67234EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.53 views

Security Bulletin: IBM i is affected by DHCP vulnerabilities (CVE-2015-8605 and CVE-2016-2774).

Summary IBM i DHCP is vulnerable to several security vulnerabilities. Vulnerability Details CVEID: CVE-2015-8605 DESCRIPTION: ISC DHCP is vulnerable to a denial of service, caused by the failure to properly check the UDP payload length. By sending a specially crafted packet with an invalid IPv4 U...

7.1CVSS0.9AI score0.7645EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM i. Vulnerability Details CVEID: CVE-2015-2638 DESCRIPTION: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete...

10CVSS0.6AI score0.44595EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/18 1:57 p.m.53 views

Security Bulletin: Vulnerabilities in OpenSSL affect WebSphere Cast Iron Cloud Integration (CVE-2015-3197)

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by WebSphere Cast Iron Cloud Integration, has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3197 DESCRIPTION: OpenSSL could allow a remote attacker to conduct...

5.9CVSS1.1AI score0.10731EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:50 a.m.53 views

Security Bulletin: Vulnerabilities in Bash affect IBM PureData System for Operational Analytics (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by the IBM PureData System for Operational Analytics. Vulnerability Detai...

10CVSS1.7AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:36 a.m.53 views

Security Bulletin: L1TF - L1 Terminal Fault Attack affect IBM Netezza Host Management

Summary Open Source Linux Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-3646 DESCRIPTION: Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by a flaw in the...

5.6CVSS0.5AI score0.08101EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/03 10:50 p.m.53 views

Security Bulletin: IBM Cloud Private for Data is affected by a privilege escalation vulnerability in Kubernetes API server

Summary IBM Cloud Private for Data is affected by a security vulnerability in Kubernetes which in some cases can allow unauthorized access to the Kubernetes API Server and/or trusted user privilege escalation. Vulnerability Details CVEID: CVE-2018-1002105 DESCRIPTION: Kubernetes could allow a...

9.8CVSS1.5AI score0.86978EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/11 5:35 p.m.53 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-zb

Summary AT&T has released versions 1801-zb for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches...

7.8CVSS0.7AI score0.97549EPSS
Exploits44Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/09 5:30 a.m.53 views

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Business Developer.

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime...

7.5CVSS1.3AI score0.0441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/01 5:50 p.m.53 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Releases 1801-w and 1801-y

Summary AT&T has released versions 1801-w and 1801-y for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches...

9.8CVSS1AI score0.58204EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.53 views

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libxml2 (CVE-2016-9318 CVE-2016-9597)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libxml2. Vulnerability Details CVEID: CVE-2016-9318 Description: Libxml2 cou...

7.5CVSS0.3AI score0.04484EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/11/02 5:50 a.m.53 views

Security Bulletin: Vulnerability in IBM Java Runtime affect IBM SONAS (CVE-2016-0705)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, that is used by IBM SONAS. IBM SONAS has addressed the applicable CVEs. Vulnerability Details IBM SONAS is shipped with Java. Java is required for SONAS administration, for executing SONAS specific commands on...

10CVSS1.3AI score0.26335EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/17 3:25 p.m.53 views

Security Bulletin: Apache Struts Vulnerability Can Affect IBM Sterling Order Management (CVE-2018-11776)

Summary IBM Sterling Order Management uses Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2 Vulnerability Details CVEID: CVE-2018-11776 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by an error...

9.3CVSS1.2AI score0.99993EPSS
Exploits41Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/03 4:25 p.m.53 views

Security Bulletin: Vulnerabilities in libjpeg affect IBM BladeCenter Advanced Management Module (AMM)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libjpeg. Vulnerability Details CVEID: CVE-2018-11813 DESCRIPTION: libjpeg is vulnerable to a denial of service, caused by a large loop in the readpixel function in rdtarga.c. By persuading a vict...

8.8CVSS2.1AI score0.04765EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/21 7:48 p.m.53 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7 & 8 and IBM® Runtime Environment Java™ Versions 6,7 & 8 used by IBM Security Access Manager software and appliances. These issues were disclosed as part of the IBM Java SDK updates in January 2018...

8.3CVSS2.5AI score0.06905EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.53 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. OpenSSL vulnerabilities were disclosed on March 1, 2016 by the...

10CVSS0.5AI score0.32414EPSS
Exploits2Affected Software2
Total number of security vulnerabilities5000