Lucene search
K
IbmMost viewed

35634 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/06/21 11:5 p.m.49 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache httpclient

Summary A vulnerability in Apache httpclient used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority...

5.3CVSS1.1AI score0.08665EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/16 7:41 p.m.49 views

Security Bulletin: ICU Vulnerability Affects IBM Control Center (CVE-2020-10531)

Summary International Components for Unicode ICU for C/C++ is vulnerable to a heap-based buffer overflow, caused by an integer overflow. Vulnerability Details CVEID: CVE-2020-10531 DESCRIPTION: International Components for Unicode ICU for C/C is vulnerable to a heap-based buffer overflow, caused ...

8.8CVSS9.4AI score0.02669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/14 2:5 p.m.49 views

Security Bulletin: WebSphere MQ for HP NonStop Server is affected by OpenSSL vulnerabilities (CVE-2021-3449 and CVE-2021-3450)

Summary WebSphere MQ for HP NonStop Server is affected by OpenSSL vulnerabilities CVE-2021-3449 and CVE-2021-3450. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sendi...

7.4CVSS1AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/04 2:38 a.m.49 views

Security Bulletin: IBM Waston Machine Learning Acclerator is affected by a Python vulnerability

Summary There is a vulnerability in Python used by IBM Watson Machine Learning Accelerator. IBM Watson Machine Learning Accelerator havs addressed the applicable CVE, CVE-2021-3177 by upgrade python to version 3.7.10 Vulnerability Details Refer to the security bulletins listed in the...

9.8CVSS2.2AI score0.23293EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/16 5:40 p.m.49 views

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An...

9.8CVSS1.9AI score0.03713EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/13 4:24 p.m.49 views

Security Bulletin: IBM Security Guardium is affected by kernel vulnerabilities

Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2019-19049 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the unittestdataadd function in drivers/of/unittest.c. A remote attacker could exploit this...

7.8CVSS1AI score0.05077EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/09 6:6 a.m.49 views

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager (CVE-2020-14803, CVE-2020-27221).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle January 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

1.8AI score0.03122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/16 7:55 p.m.49 views

Security Bulletin: Multiple Security Vulnerabilties have been fixed in the IBM Security Access Manager and IBM Security Verify Access appliances.

Summary Multiple Security Vulnerabilities have been fixed in both the IBM Security Access Manager and IBM Security Verify Access appliances. Vulnerability Details CVEID: CVE-2019-17498 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a...

9.8CVSS1.1AI score0.17939EPSS
Exploits3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/27 3:41 a.m.49 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in XStream

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of XStream. Vulnerability Details CVEID: CVE-2020-26258 DESCRIPTION: XStream is vulnerable to server-side request forgery, caused by a flaw when unmarshalling. By manipulating the processed input stream, a remot...

9.3CVSS1.3AI score0.85001EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/25 2:37 p.m.49 views

Security Bulletin: IBM Resilient SOAR is using opensaml-2.6.4.jar that could be vulnerable to bypass security restrictions (CVE-2015-1796)

Summary opensaml-2.6.4.jar vulnerable to CVE-2015-1796, Shibboleth Identity Provider could allow a remote attacker to bypass security restrictions, caused by an error in the PKIX trust component. An attacker could exploit this vulnerability using a certificate issued by the shibmd:KeyAuthority...

4.3CVSS1.3AI score0.01256EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/13 5:55 p.m.49 views

Security Bulletin: IBM MaaS360 Mobile Enterprise Gateway vulnerable to denial of service (CVE-2020-11612)

Summary A vulnerability was identified and remediated in the IBM MaaS360 Mobile Enterprise Gateway Vulnerability Details CVEID: CVE-2020-11612 DESCRIPTION: Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoder...

7.5CVSS2.2AI score0.09438EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/11 3:49 p.m.49 views

Security Bulletin: OpenSSL for IBM i is affected by CVE-2020-1971

Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, an attacker could exploit...

5.9CVSS1.6AI score0.06968EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/06 1:23 p.m.49 views

Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability (CVE-2020-7676)

Summary IBM MQ Appliance has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject...

5.4CVSS1.1AI score0.02142EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/04 10:53 p.m.49 views

Security Bulletin: IBM API Connect V5 is vulnerable to cross-site scripting in jQuery (CVE-2015-9251)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-craft...

6.1CVSS0.7AI score0.29726EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/18 1:31 p.m.49 views

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability...

6.8CVSS1.4AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/16 7:34 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An...

5.3CVSS1.6AI score0.04948EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/16 5:49 p.m.49 views

Security Bulletin: A GNU glibc vulnerability affects IBM Watson Text to Speech and Speech to Text (IBM Watson Speech Services for Cloud Pak for Data 1.2)

Summary A GNU glibc vulnerability, listed below, affects IBM Watson Text to Speech and Speech to Text IBM Watson Speech Services for Cloud Pak for Data 1.2 Vulnerability Details CVEID: CVE-2020-1752 DESCRIPTION: GNU glibc could allow a local attacker to execute arbitrary code on the system, cause...

7CVSS1.3AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/17 10:40 a.m.49 views

Security Bulletin: An unspecified vulnerability in Java SE or Oracle Java SE could allow an unauthenticated attacker

Summary An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. An unspecified vulnerability in Java SE related to the 2D component could allow an...

8.3CVSS2.2AI score0.04315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/05 9:51 a.m.49 views

Security Bulletin: Vulnerabilities in Net-SNMP library affect IBM Spectrum Control (CVE-2020-15861, CVE-2020-15862)

Summary Net-SNMP could allow a local authenticated attacker to gain elevated privileges on the system Vulnerability Details CVEID: CVE-2020-15861 DESCRIPTION: Net-SNMP could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of symlinks by...

7.8CVSS2AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/04 5:39 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline July 2020 CPU plus deferred CVE-2020-2590 and CVE-2020-2601

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Version that is used by Tivoli Netcool Performance Manager. This issues is disclosed as part of the IBM Java SDK updates for July 2020. Information about a security vulnerability affecting IBM WebSphere Application Server has...

0.1AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/27 3:51 p.m.49 views

Security Bulletin: Rational Developer for System z is affected due to vulnerabilities in IBM Java IBM SDK, Java Technology Edition - Jan 2014

Summary This advisory covers security vulnerability updates for the January IBM Java IBM SDK, Java Technology Edition releases that affect Rational Developer for System z. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow th...

4CVSS0.7AI score0.02414EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/07 4:13 p.m.49 views

Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-3846 DESCRIPTION: Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mwifiexupdatebssdescwithie function in...

8.8CVSS1.5AI score0.05649EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/26 6:24 p.m.49 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2015-0899, CVE-2014-0114, CVE-2016-1181 and CVE-2016-1182)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in t...

8.2CVSS2.7AI score0.96121EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/22 2:34 a.m.49 views

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-15358)

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Vulnerability Details CVEID: CVE-2020-15358 DESCRIPTION: SQLite is vulnerable to a heap-based buffe...

5.5CVSS1.5AI score0.01027EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/29 8:59 a.m.49 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Go. Vulnerability Details CVEID: CVE-2020-9283 DESCRIPTION: Golang golang.org/x/crypto is vulnerable to a denial of service, caused by an error during signature verification in the golang.org/x/crypto/ssh...

7.8CVSS1AI score0.83433EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2014-3508, CVE-2014-3511)

Summary There are multiple vulnerabilities in OpenSSL that is used by IBM Sterling Connect:Direct for Microsoft Windows. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-3508 DESCRIPTION: OpenSSL could allow a remote attacker to obtain...

4.3CVSS0.5AI score0.23292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple Vulnerabilities affect IBM Sterling External Authentication Server

Summary Three Eclipse Jetty request smuggling vulnerabilities were addressed by IBM Sterling External Authentication Server. Vulnerability Details CVE-ID: CVE-2017-7656 Description: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a...

9.8CVSS0.6AI score0.20985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Apr 2020 CPU (CVE-2020-2805, CVE-2020-2803, CVE-2020-2757, CVE-2020-2756)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Apr 2020. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability...

8.3CVSS1.7AI score0.0623EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 5:7 p.m.49 views

Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind Vulnerability Details CVEID: CVE-2020-8840 DESCRIPTION: An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack...

9.8CVSS2.3AI score0.26587EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/08 10:12 a.m.49 views

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE Vulnerability Details CVEID: CVE-2019-3900 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error when handling incoming packets in the handlerx function...

7.7CVSS0.3AI score0.04425EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/18 10:54 p.m.49 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Jackson databind

Summary Multiple vulnerabilities in Jackson databind that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2019-12384 DESCRIPTION: FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to...

9.8CVSS0.3AI score0.45205EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/15 5:55 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java shipped with IBM Transformation Extender Advanced

Summary Multiple vulnerabilities with IBM Java version shipped with IBM Transformation Extender Advanced. These vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2018-2663 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE...

8.3CVSS0.6AI score0.07525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/30 3:24 p.m.49 views

Security Bulletin: API Connect is impacted by multiple vulnerabilities in Oracle MySQL.

Summary IBM API Connect had addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-2791 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Server: Audit Plug-in component could allow an authenticated attacker to cause low confidentiality impact...

6.5CVSS1.5AI score0.03972EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/18 6:25 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and...

6.8CVSS2.6AI score0.03749EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/10 9:40 p.m.49 views

Security Bulletin: Multiple security vulnerabilities in IBM Java SDK affects IBM Voice Gateway

Summary Multiple security vulnerabilities in IBM Java SDK affects IBM Voice Gateway Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system. CVSS Base score: 8.1 CVSS Temporal Score: See:...

8.1CVSS1.2AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/26 4:8 p.m.49 views

Security Bulletin: IBM MQ certified container is vulnerable to multiple vulnerabilities within IBM MQ.(CVE-2019-4655, CVE-2019-4560, CVE-2019-4614, CVE-2019-4620)

Summary Multiple vulnerabilities were found within IBM MQ which is packaged with the IBM MQ certified container. Vulnerability Details CVEID: CVE-2019-4655 DESCRIPTION: IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow ...

8.4CVSS1.2AI score0.01764EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/24 7:27 a.m.49 views

Security Bulletin: Multiple vulnerabilities exist in IBM Planning Analytics Local

Summary Vulnerabilities found in several components have been addressed in IBM Planning Analytics 2.0.5. There are vulnerabilities in IBM® Runtime Environment Java™ Version 7. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Multiple vulnerabilities affect componen...

9.1CVSS0.5AI score0.83645EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.50 views

Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to a Robot Security Vulnerability (CVE-2017-6168)

Summary IBM Sterling B2B Integrator is vulnerable to a robot security vulnerability. This could allow an attacker to obtain encrypted data in clear text. Vulnerability Details CVEID: CVE-2017-6168 DESCRIPTION: F5 BIG-IP virtual servers configured with a Client SSL profile could allow a remote...

7.4CVSS1.1AI score0.21552EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.49 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-3092)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.8CVSS1.4AI score0.35927EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.49 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-5573, CVE-2016-5597)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

8.3CVSS1AI score0.03937EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in python affects IBM Watson Studio Local

Summary Security Bulletin: Multiple Vulnerabilities in python affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2018-14647 DESCRIPTION: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of...

7.5CVSS0.8AI score0.10911EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM i. Vulnerability Details CVEID: CVE-2016-3610 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Libraries component has high confidentiality impact, hi...

9.6CVSS0.8AI score0.0669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.49 views

Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i

Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-15275 DESCRIPTION: Samba could allow a remote attacker to obtain sensitive information, caused by a heap memory information leak. By sending a specially crafted request, an attacker...

9.8CVSS1.2AI score0.21408EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/17 10:56 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017. Vulnerability Details CVEID: CVE-2017-10116 DESCRIPTION: An unspecified...

8.3CVSS1AI score0.03524EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/06 7:5 p.m.49 views

Security Bulletin: IBM QRadar SIEM is vulnerable to Jetty Vulnerabilities (CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12536)

Summary IBM QRadar SIEM is vulnerable to Jetty Vulnerabilities Vulnerability Details CVEID: CVE-2017-7658 DESCRIPTION: In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x all non HTTP/1.x configurations, and 9.4.x all HTTP/1.x configurations, when presented with two content-lengths headers,...

9.8CVSS0.8AI score0.20985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/04 6:33 a.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 6 and IBM® Runtime Environment Java Version 7 used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019. Vulnerability Details CVEID: CVE-2019-11775...

9.8CVSS1.2AI score0.04351EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 7:30 a.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStack

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 7.0.10.50 used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed the applicable CVEs. These issues were disclosed as part of the IBM® Runtime Environment Java™ updates in July 2019...

9.8CVSS0.8AI score0.09393EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple vulnerabilities in BIND affects IBM Netezza Host Management

Summary BIND is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2776 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building...

7.8CVSS0.4AI score0.89482EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple vulnerabilities in NTP and OpenSSL affect IBM Netezza Firmware Diagnostics

Summary Open Source NTP and OpenSSL are used by IBM Netezza Firmware Diagnostics. IBM Netezza Firmware Diagnostics Support Tools has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused...

7.5CVSS0.7AI score0.95707EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.49 views

Security Bulletin: Multiple Security Vulnerabilities affecting IBM Netezza Host Management

Summary IBM Netezza Host Management is affected by multiple Open Source security vulnerabilities in: GNU glibc, NTP address spoofing and NTP, NTPd and ntpcrypto.c disclosure. Vulnerability Details CVE-ID: CVE-2014-9297 Description: Network Time Protocol NTP Project NTP daemon ntpd could allow a...

6.8CVSS0.7AI score0.06135EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000