Lucene search
K
IbmMost viewed

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/07/26 9:12 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Business Developer. These issues were disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID:...

7.7CVSS0.9AI score0.15141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 8:34 a.m.50 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2016-3426, CVE-2016-3427)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the bulletin "Security Bulletin: Multiple vulnerabilities in IBM® Ja...

10CVSS2.2AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/23 5:39 a.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational DOORS Web Access

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational DOORS Web Access. These issues were disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified...

7.4CVSS1.3AI score0.03966EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:27 a.m.50 views

Security Bulletin: GNU C library (glibc) vulnerability affects IBM SDN-VE Unified Controller and IBM SDN-VE Service Appliance (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM SDN VE Unified Controller and IBM SDN VE Service Appliance. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. B...

10CVSS1.3AI score0.94859EPSS
Exploits29Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:28 a.m.50 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2016-6304, CVE-2016-6303, CVE-2016-2178, CVE-2016-6306 and CVE-2016-2183)

Summary OpenSSL is used by IBM Storwize V7000 Unified. IBM Storwize V7000 Unified has addressed the applicable CVEs. Vulnerability Details OpenSSL is used in IBM Storwize V7000 Unified for providing communication security by encrypting data being transmitted. CVEID: CVE-2016-6304 DESCRIPTION:...

9.8CVSS1.1AI score0.95707EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:8 a.m.50 views

Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified system (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)

Summary IBM Storwize V7000 Unified system is shipped with Mozilla firefox, for which fixes are available for security vulnerabilities. Vulnerability Details CVEID: CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513...

10CVSS0.6AI score0.83633EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.50 views

Security Bulletin: IBM Cloud Orchestrator and Cloud Orchestrator Enterprise update of IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Version that is provided with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates for Oct 2017 CPU . These issues were addressed by IBM...

9.6CVSS8.7AI score0.16181EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.50 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in OpenSSL affect all releases of IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. This bulletin covers also OpenSSL vulnerabilities that were disclosed on March 1, 2016 by the OpenSSL Project inluding the “DROWN: Decrypting RSA with Obsolete an...

10CVSS8AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:51 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM Tivoli Monitoring

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.6, and Version 7 that is shipped as part of multiple IBM Tivoli Monitoring ITM components. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the...

8.3CVSS0.6AI score0.07525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:49 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM JRE affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM JRE Version 6.0, 7.0 and 8.0 that is used by IBM Tivoli Composite Application Manager for Transactions. These issues were disclosed as part of the IBM JRE updates in Oct 2017. Vulnerability Details CVEID: CVE-2017-10345 DESCRIPTION: An unspecified...

7.5CVSS1.1AI score0.03305EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:36 p.m.50 views

Security Bulletin: IBM MessageSight affected by GSKit Sweet32 Birthday attacks (CVE-2016-2183)

Summary IBM MessageSight is affected by a GSKit vulnerability in the MQClient. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By...

7.5CVSS1.5AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:27 p.m.50 views

Security Bulletin: Multiple Expat XML Parser vulnerabilities in Prospect

Summary There are potential multiple Expat xml parser vulnerabilities in Prospect Core 8.0.7 Server. Vulnerability Details CVEID: CVE-2012-0876 DESCRIPTION: Expat is vulnerable to a denial of service, caused by insufficient randomization of hash data structures. By sending multiple...

9.8CVSS0.6AI score0.13335EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:15 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in October 2015. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An unspecifi...

5CVSS0.6AI score0.04695EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:4 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by Tivoli Netcool/OMNIbus. . These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses FREAK: Factoring Attack on...

5CVSS1.6AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:3 p.m.50 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. IBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about th...

4.3CVSS0.2AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:27 a.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Service Tester.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 and 1.7 used by Rational Service Tester. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10388 DESCRIPTION: An unspecified vulnerability...

7.5CVSS1.2AI score0.03206EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:24 a.m.50 views

Security Bulletin: Vulnerability in IBM Java Runtime affects Rational Publishing Engine

Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 6 and 7 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2017-10198 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit...

9.8CVSS0.5AI score0.05034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:20 a.m.50 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence

Summary The Rational Reporting for Development Intelligence RRDI is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-0762 DESCRIPTION: Apache Tomcat could allow a remot...

9.1CVSS0.3AI score0.10303EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:13 a.m.50 views

Security Bulletin: A security vulnerability has been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-3427)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about a security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin:...

10CVSS2AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 4:56 a.m.51 views

Security Bulletin: Rational Build Forge Security Advisory (CVE-2014-0075, CVE-2014-0099)

Summary Apache Tomcat has security vulnerabilities that can lead to a denial of service DOS attack or obtain sensitive information. To avoid this issue in IBM Rational Build Forge, you should use the latest version Apache Tomcat Server which contains the fix for these problems Vulnerability Detai...

5CVSS0.6AI score0.2006EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:59 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager appliances

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 and IBM Runtime Environment Java Version 8 used by IBM Security Access Manager version 8 and 9 appliances. These issues were disclosed as part of the IBM Java SDK updates in January 2017. Vulnerability Detail...

9CVSS2.5AI score0.95707EPSS
Exploits11Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:59 p.m.50 views

Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Governance and Intelligence available

Summary There are multiple security vulnerabilities in various components used by IBM Security Identity Governance and Intelligence Virtual Appliance Vulnerability Details CVEID: CVE-2017-3289 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Hotspot...

9.6CVSS1.2AI score0.95707EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:49 p.m.50 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Active Bypass (CVE-2016-6304, CVE-2016-6303, CVE-2016-2181, CVE-2016-6309, CVE-2016-7052 )

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Active Bypass. IBM Security Network Active Bypass has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is...

10CVSS1.1AI score0.70223EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.50 views

Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

Summary Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager for Web uses OpenSSH and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3115 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the...

9.8CVSS2.1AI score0.37016EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:42 p.m.50 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection

Summary There are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Protection. These vulnerabilities include CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, and CVE-2016-2842. Vulnerability Details CVEID: CVE-2016-0799 DESCRIPTION:...

10CVSS1.4AI score0.89058EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:41 p.m.51 views

Security Bulletin: Vulnerabilities in Open Source openSSL affect IBM Security Identity Governance Appliance

Summary Vulnerabilities in Open Source openssl that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2016-0797 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the BNhex2bn/BNdec2bn function. An attacker could exploit...

10CVSS1.8AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:40 p.m.50 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Protection. IBM Security Network Protection has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability...

10CVSS2.1AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:38 p.m.50 views

Security Bulletin: IBM Security Access Manager for Web is affected by multiple NTP vulnerabilities

Summary The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. IBM Security Access Manager for Web uses NTP and is affected by multiple NTP vulnerabilities. Vulnerability Details CVEID: CVE-2014-9297 DESCRIPTION: Network Time Protocol NTP Proje...

7.5CVSS0.9AI score0.05292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:13 p.m.50 views

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Emptoris Strategic Supply Management Suite of Products and IBM Emptoris Services Procurement

Summary The IBM Emptoris Strategic Supply Management suite of products are affected by multiple security vulnerabilities that exist in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. The security bulletin includes issues that were disclosed as part of th...

8.3CVSS8.2AI score0.06905EPSS
Exploits0Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:9 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Emptoris Strategic Supply Management and IBM Emptoris Services Procurement products.

Summary The IBM Emptoris Strategic Supply Management Suite and IBM Emptoris Services Procurement products are affected by multiple security vulnerabilities that exist in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. The security bulletin includes issue...

9CVSS7.7AI score0.95707EPSS
Exploits11Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:4 p.m.50 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Partner Gateway Advanced/Enterprise Edition(CVE-2016-3092)

Summary WebSphere Application Server is shipped as a component of WebSphere Partner Gateway. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Apache Commons...

2.5AI score0.35927EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:47 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Emptoris Strategic Supply Management, and IBM Emptoris Services Procurement.

Summary The IBM Emptoris Strategic Supply Management Suite and IBM Emptoris Services Procurement products are affected by multiple security vulnerabilities that exist in IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. The security bulletin includes issues...

5CVSS5.2AI score0.9986EPSS
Exploits1Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:47 p.m.50 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL is used by IBM InfoSphere Information Server. IBM InfoSphere Information Server has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a...

7.5CVSS7.3AI score0.57595EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:41 p.m.50 views

Security Bulletin: Vulnerability in Apache Taglibs affects IBM InfoSphere Information Server (CVE-2015-0254)

Summary An Apache Taglibs vulnerability while processing XML data was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External...

7.5CVSS1.6AI score0.1326EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:46 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM® Java Runtime affect IBM Cognos Command Center

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details CVEID: CVE-2017-3544 DESCRIPTION: An unspecifi...

9.8CVSS1.6AI score0.07489EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:50 p.m.50 views

Security Bulletin: Vulnerability in Apache Struts affects IBM Social Media Analytics (CVE-2017-5638)

Summary An Apache Struts vulnerability was addressed by IBM Social Media Analytics. Vulnerability Details CVEID: CVE-2017-5638 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by an error when performing a file upload based on Jakarta...

10CVSS8.3AI score0.99999EPSS
Exploits44Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:6 a.m.50 views

Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle October 2016 Critical Patch Update Vulnerability Details CVE IDs: CVE-2016-5568 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of their...

9.6CVSS0.5AI score0.04885EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:6 a.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Development Package for Apache Spark

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0 that is provided with IBM Development Package for Apache Spark. These issues are disclosed as part of the IBM Java SDK updates in July 2016. Vulnerability Details If you run Java code using the IBM runtim...

9.6CVSS2.5AI score0.0669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:6 a.m.50 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2105 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow,...

10CVSS8.2AI score0.77906EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.50 views

Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle October 2015 Critical Patch Update, plus CVE-2015-5006 Vulnerability Details CVE IDs: CVE-2015-4844 CVE-2015-4843 CVE-2015-4805 CVE-2015-4860 CVE-2015-4883 CVE-2015-4835 CVE-2015-4810 CVE-2015-4806 CVE-2015-4871 CVE-2015-4902 CVE-2015-4872...

10CVSS0.7AI score0.13354EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:43 a.m.49 views

Security Bulletin: Improper Unicode Handling in validator isLength() Leads to Input Length Bypass (Pre-13.15.22) affects watsonx.data

Summary Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string...

8.7CVSS6AI score0.00454EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/19 5:35 a.m.49 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilities with an update Vulnerability Details CVEID:CVE-2019-12900 DESCRIPTION: bzip2 is vulnerable to a denial of service, caused by an out-of-bounds write flaw when there are many selectors in the BZ2decompress function in...

9.8CVSS9.6AI score0.14859EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:24 a.m.49 views

Security Bulletin: IBM Robotic Process Automation is vulnerable to exposure of Azure bot credentials (CVE-2022-22490)

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to exposure of Azure bot credentials CVE-2022-22490 Vulnerability Details CVEID:CVE-2022-22490 DESCRIPTION: IBM Robotic Process Automation could allow a privileged user to obtain sensitive Azure bot credential information. CV...

4.9CVSS4.9AI score0.00661EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:16 a.m.49 views

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (XSS) (CVE-2022-22345)

Summary IBM QRadar SIEM is vulnerable to cross site scripting XSS. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-22320 DESCRIPTION: IBM QRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...

4.8CVSS4.9AI score0.01814EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/25 10:44 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in IBM webMethods API Management

Summary Multiple vulnerabilities were addressed in the latest fix release for IBM webMethods API Management 11.1 Vulnerability Details CVEID:CVE-2024-23672 DESCRIPTION: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket...

8.8CVSS10AI score0.03005EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:30 a.m.49 views

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...

6.5CVSS8AI score0.01685EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:48 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer.deserializeFromArray function. By sending a...

7.7CVSS9.8AI score0.1158EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:30 a.m.49 views

Security Bulletin: IBM Security Verify Governance stores user credentials in plain clear text which can be read by a local user (CVE-2022-22470)

Summary IBM Security Verify Governance is vulnerable to exposure of user credentials to local users due to storage of credentials in cleartext CVE-2022-22470. This vulnerability has been removed by a code fix. Vulnerability Details CVEID:CVE-2022-22470 DESCRIPTION: IBM Security Verify Governance...

5.5CVSS5.3AI score0.00121EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/22 6:54 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0.5.35 used by IBM Cloud Transformation Advisor. IBM Cloud Transformation Advisor has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK updates in July 2019. Vulnerability...

9.8CVSS8.6AI score0.09393EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/17 6:26 p.m.49 views

Security Bulletin: Security Vulnerabilities have been identified in IBM Java Runtime as shipped with Tivoli Federated Identity Manager

Summary IBM Java Runtime as shipped with Tivoli Federated Identity Manager. Information about security vulnerabilities affecting IBM Java Runtime have been published in a security bulletin. Vulnerability Details CVEID:CVE-2019-2766 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded...

9.8CVSS9.4AI score0.09393EPSS
Exploits3Affected Software1
Total number of security vulnerabilities5000