Lucene search
K
IbmMost viewed

35598 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/01/04 10:53 p.m.49 views

Security Bulletin: IBM API Connect V5 is vulnerable to cross-site scripting in jQuery (CVE-2015-9251)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-craft...

6.1CVSS0.7AI score0.29726EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/18 1:31 p.m.49 views

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability...

6.8CVSS1.4AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/16 7:34 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An...

5.3CVSS1.6AI score0.04948EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/16 5:49 p.m.49 views

Security Bulletin: A GNU glibc vulnerability affects IBM Watson Text to Speech and Speech to Text (IBM Watson Speech Services for Cloud Pak for Data 1.2)

Summary A GNU glibc vulnerability, listed below, affects IBM Watson Text to Speech and Speech to Text IBM Watson Speech Services for Cloud Pak for Data 1.2 Vulnerability Details CVEID: CVE-2020-1752 DESCRIPTION: GNU glibc could allow a local attacker to execute arbitrary code on the system, cause...

7CVSS1.3AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/17 10:40 a.m.49 views

Security Bulletin: An unspecified vulnerability in Java SE or Oracle Java SE could allow an unauthenticated attacker

Summary An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. An unspecified vulnerability in Java SE related to the 2D component could allow an...

8.3CVSS2.2AI score0.04315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/05 9:51 a.m.49 views

Security Bulletin: Vulnerabilities in Net-SNMP library affect IBM Spectrum Control (CVE-2020-15861, CVE-2020-15862)

Summary Net-SNMP could allow a local authenticated attacker to gain elevated privileges on the system Vulnerability Details CVEID: CVE-2020-15861 DESCRIPTION: Net-SNMP could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of symlinks by...

7.8CVSS2AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/04 5:39 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline July 2020 CPU plus deferred CVE-2020-2590 and CVE-2020-2601

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Version that is used by Tivoli Netcool Performance Manager. This issues is disclosed as part of the IBM Java SDK updates for July 2020. Information about a security vulnerability affecting IBM WebSphere Application Server has...

0.1AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/27 3:51 p.m.49 views

Security Bulletin: Rational Developer for System z is affected due to vulnerabilities in IBM Java IBM SDK, Java Technology Edition - Jan 2014

Summary This advisory covers security vulnerability updates for the January IBM Java IBM SDK, Java Technology Edition releases that affect Rational Developer for System z. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow th...

4CVSS0.7AI score0.02414EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/09 7:47 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in Jan 2020. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE...

8.1CVSS1.3AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/07 4:13 p.m.49 views

Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-3846 DESCRIPTION: Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mwifiexupdatebssdescwithie function in...

8.8CVSS1.5AI score0.05649EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/26 6:24 p.m.49 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2015-0899, CVE-2014-0114, CVE-2016-1181 and CVE-2016-1182)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in t...

8.2CVSS2.7AI score0.95821EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/22 2:34 a.m.49 views

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-15358)

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details CVEID: CVE-2020-15358 DESCRIPTION: SQLite is vulnerable to a heap-based buffe...

5.5CVSS1.5AI score0.01027EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/29 8:59 a.m.49 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Go. Vulnerability Details CVEID: CVE-2020-9283 DESCRIPTION: Golang golang.org/x/crypto is vulnerable to a denial of service, caused by an error during signature verification in the golang.org/x/crypto/ssh...

7.8CVSS1AI score0.83433EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2014-3508, CVE-2014-3511)

Summary There are multiple vulnerabilities in OpenSSL that is used by IBM Sterling Connect:Direct for Microsoft Windows. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-3508 DESCRIPTION: OpenSSL could allow a remote attacker to obtain...

4.3CVSS0.5AI score0.23292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Apr 2020 CPU (CVE-2020-2805, CVE-2020-2803, CVE-2020-2757, CVE-2020-2756)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Apr 2020. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability...

8.3CVSS1.7AI score0.0623EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple Vulnerabilities affect IBM Sterling External Authentication Server

Summary Three Eclipse Jetty request smuggling vulnerabilities were addressed by IBM Sterling External Authentication Server. Vulnerability Details CVE-ID: CVE-2017-7656 Description: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a...

9.8CVSS0.6AI score0.20985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 5:7 p.m.49 views

Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind Vulnerability Details CVEID: CVE-2020-8840 DESCRIPTION: An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack...

9.8CVSS2.3AI score0.26587EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/08 10:12 a.m.49 views

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE Vulnerability Details CVEID: CVE-2019-3900 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error when handling incoming packets in the handlerx function...

7.7CVSS0.3AI score0.04425EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/18 10:54 p.m.49 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Jackson databind

Summary Multiple vulnerabilities in Jackson databind that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2019-12384 DESCRIPTION: FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to...

9.8CVSS0.3AI score0.45205EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/15 5:55 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java shipped with IBM Transformation Extender Advanced

Summary Multiple vulnerabilities with IBM Java version shipped with IBM Transformation Extender Advanced. These vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2018-2663 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE...

8.3CVSS0.6AI score0.07525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/30 3:24 p.m.49 views

Security Bulletin: API Connect is impacted by multiple vulnerabilities in Oracle MySQL.

Summary IBM API Connect had addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-2791 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Server: Audit Plug-in component could allow an authenticated attacker to cause low confidentiality impact...

6.5CVSS1.5AI score0.03972EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/18 6:25 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and...

6.8CVSS2.6AI score0.03749EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/10 9:40 p.m.49 views

Security Bulletin: Multiple security vulnerabilities in IBM Java SDK affects IBM Voice Gateway

Summary Multiple security vulnerabilities in IBM Java SDK affects IBM Voice Gateway Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system. CVSS Base score: 8.1 CVSS Temporal Score: See:...

8.1CVSS1.2AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/26 4:8 p.m.49 views

Security Bulletin: IBM MQ certified container is vulnerable to multiple vulnerabilities within IBM MQ.(CVE-2019-4655, CVE-2019-4560, CVE-2019-4614, CVE-2019-4620)

Summary Multiple vulnerabilities were found within IBM MQ which is packaged with the IBM MQ certified container. Vulnerability Details CVEID: CVE-2019-4655 DESCRIPTION: IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow ...

8.4CVSS1.2AI score0.01764EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/24 7:27 a.m.49 views

Security Bulletin: Multiple vulnerabilities exist in IBM Planning Analytics Local

Summary Vulnerabilities found in several components have been addressed in IBM Planning Analytics 2.0.5. There are vulnerabilities in IBM® Runtime Environment Java™ Version 7. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Multiple vulnerabilities affect componen...

9.1CVSS0.5AI score0.83645EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.50 views

Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to a Robot Security Vulnerability (CVE-2017-6168)

Summary IBM Sterling B2B Integrator is vulnerable to a robot security vulnerability. This could allow an attacker to obtain encrypted data in clear text. Vulnerability Details CVEID: CVE-2017-6168 DESCRIPTION: F5 BIG-IP virtual servers configured with a Client SSL profile could allow a remote...

7.4CVSS1.1AI score0.21552EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.49 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-3092)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.8CVSS1.4AI score0.35927EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.49 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-5573, CVE-2016-5597)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

8.3CVSS1AI score0.03937EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in python affects IBM Watson Studio Local

Summary Security Bulletin: Multiple Vulnerabilities in python affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2018-14647 DESCRIPTION: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of...

7.5CVSS0.8AI score0.10911EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM i. Vulnerability Details CVEID: CVE-2016-3610 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Libraries component has high confidentiality impact, hi...

9.6CVSS0.8AI score0.0669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.49 views

Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i

Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-15275 DESCRIPTION: Samba could allow a remote attacker to obtain sensitive information, caused by a heap memory information leak. By sending a specially crafted request, an attacker...

9.8CVSS1.2AI score0.21408EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/17 10:56 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017. Vulnerability Details CVEID: CVE-2017-10116 DESCRIPTION: An unspecified...

8.3CVSS1AI score0.03524EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/06 7:5 p.m.49 views

Security Bulletin: IBM QRadar SIEM is vulnerable to Jetty Vulnerabilities (CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12536)

Summary IBM QRadar SIEM is vulnerable to Jetty Vulnerabilities Vulnerability Details CVEID: CVE-2017-7658 DESCRIPTION: In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x all non HTTP/1.x configurations, and 9.4.x all HTTP/1.x configurations, when presented with two content-lengths headers,...

9.8CVSS0.8AI score0.20985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/04 6:33 a.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 6 and IBM® Runtime Environment Java Version 7 used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019. Vulnerability Details CVEID: CVE-2019-11775...

9.8CVSS1.2AI score0.04351EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 7:30 a.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStack

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 7.0.10.50 used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed the applicable CVEs. These issues were disclosed as part of the IBM® Runtime Environment Java™ updates in July 2019...

9.8CVSS0.8AI score0.09393EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple Security Vulnerabilities affecting IBM Netezza Host Management

Summary IBM Netezza Host Management is affected by multiple Open Source security vulnerabilities in: GNU glibc, NTP address spoofing and NTP, NTPd and ntpcrypto.c disclosure. Vulnerability Details CVE-ID: CVE-2014-9297 Description: Network Time Protocol NTP Project NTP daemon ntpd could allow a...

6.8CVSS0.7AI score0.06135EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple vulnerabilities in BIND affects IBM Netezza Host Management

Summary BIND is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2776 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building...

7.8CVSS0.4AI score0.89482EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple vulnerabilities in NTP and OpenSSL affect IBM Netezza Firmware Diagnostics

Summary Open Source NTP and OpenSSL are used by IBM Netezza Firmware Diagnostics. IBM Netezza Firmware Diagnostics Support Tools has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused...

7.5CVSS0.7AI score0.95707EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/24 9:8 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM Cloud Pak System (CVE-2019-0211 CVE-2019-0220)

Summary IBM HTTP Server is used by WebSphere Application Server bundled with IBM Cloud Pak System formerly known as PureApplication System. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin. Vulnerability Details Consult the following...

7.8CVSS1.3AI score0.65005EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/31 7:44 p.m.49 views

Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server in IBM Cloud (CVE-2019-12735)

Summary There is a security vulnerability that affects Red Hat Linux used by IBM WebSphere Application Server in the IBM Cloud. Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute i...

9.3CVSS2.2AI score0.19111EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/29 6:44 p.m.49 views

Security Bulletin: Secure Gateway is affected by a Denial of Service vulnerability (CVE-2019-5428)

Summary Secure Gateway has addressed the following vulnerability: CVE-2019-5428 Vulnerability Details CVEID: CVE-2019-5428 DESCRIPTION: Node.js jQuery module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request to inject properties on...

1.2AI score
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/29 6:35 p.m.49 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2019-0211, CVE-2019-0220)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

7.8CVSS0.8AI score0.65005EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/21 7:45 p.m.49 views

Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability

Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-leng...

5.9CVSS1.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/20 11:30 p.m.49 views

Security Bulletin: IBM Aspera Faspex, IBM Aspera Console are affected by OpenSSL Vulnerability (CVE-2018-0739)

Summary IBM Aspera Faspex, IBM Aspera Console have addressed the following OpenSSL vulnerability. Vulnerability Details Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remo...

6.5CVSS1.4AI score0.19295EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/17 4:10 p.m.49 views

Security Bulletin: A vulnerability in Docker affects PowerKVM

Summary PowerKVM is affected by a vulnerability in Docker. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2019-5736 DESCRIPTION: Runc could allow a local attacker to execute arbitrary commands on the system, cause by the improper handling of system file descriptors whe...

9.3CVSS2.2AI score0.9857EPSS
Exploits33Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/30 1:30 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this...

6.8CVSS0.5AI score0.03392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/05 11:50 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on 30 October 2018 and later by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVE-ID:...

5.9CVSS0.6AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/21 5:15 p.m.49 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2018-4030)

Summary WebSphere Application Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS2.2AI score0.01168EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.49 views

Security Bulletin: Vulnerabilities in cracklib, dhcp, expat, libgcrypt and lighttpd affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities. Vulnerability Details Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities. Vulnerability Details: CVEID: CVE-2016-6318 Description: cracklib is vulnerab...

7.8CVSS0.6AI score0.7645EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.49 views

Security Bulletin: Vulnerabilities in cURL/libcURL affect IBM Flex System Chassis Management Module

Summary IBM Chassis Management Module has addressed the following vulnerabilities in cURL/libcURL. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in cURL/libcURL. Vulnerability Details CVE-ID: CVE-2016-5419 Description: cURL/libcURL could...

7.5CVSS0.8AI score0.15063EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000