Lucene search
K
IbmMost viewed

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:21 a.m.49 views

Security Bulletin: Rational Build Forge Security Advisory (CVE-2016-8610, CVE-2017-6056, CVE-2017-5647, CVE-2017-5648)

Summary Apache Tomcat and OpenSSL have security vulnerabilities that enables an attacker to exploit the application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details This section includes the vulnerability details that affect the Ration...

9.1CVSS0.5AI score0.39657EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:10 a.m.49 views

Security Bulletin: Vulnerability in IBM Java Runtime affects Rational Publishing Engine (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by Rational Publishing Engine. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...

5.9CVSS0.1AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:9 a.m.49 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-0483, CVE-2015-7575, CVE-2016-0448, CVE-2016-0466)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin:...

10CVSS2.1AI score0.14714EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:8 a.m.49 views

Security Bulletin: Vulnerability in OpenSSL affects Rational Tau (CVE-2015-3194)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by Rational Tau. Rational Tau has addressed the applicable CVE CVE-2015-3194. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by ...

7.5CVSS0.5AI score0.44016EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 4:42 a.m.49 views

Security Bulletin: Security vulnerability in Oracle Java 7 impacts IBM Rational Collaborative Lifecycle Management products (CVE-2013-0422)

Summary Potential security vulnerability issues may occur if you are using the Oracle Java 7 updates reported in Oracle Security Alert for CVE-2013-0422 when using IBM Collaborative Lifecycle Management CLM products Rational Quality Manager, Rational Team Concert and Rational Requirements Compose...

10CVSS0.6AI score0.97612EPSS
Exploits38Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:2 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Network Protection

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 10 Fix Pack used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10198 DESCRIPTION: An...

9.8CVSS0.6AI score0.05034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:2 p.m.49 views

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel

Summary IBM QRadar Network Security has addressed vulnerabilities in Linux kernel. Vulnerability Details CVEID: CVE-2017-6074 DESCRIPTION: Linux kernel is vulnerable to a denial of service, caused by improper handling of DCCPPKTREQUEST packet data structures in the LISTEN state by the...

10CVSS1.7AI score0.24299EPSS
Exploits34Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:59 p.m.49 views

Security Bulletin: Multiple Security vulnerabilities fixed in IBM Security Privileged Identity Manager

Summary There are multiple Security vulnerabilities that are fixed in the IBM Security Privileged Identity Manager Vulnerability Details CVEID: CVE-2016-5957 DESCRIPTION: IBM Security Privileged Identity Manager uses weaker than expected cryptographic algorithms that could allow an attacker to...

9.8CVSS0.9AI score0.63029EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:58 p.m.49 views

Security Bulletin: Vulnerabilities in GNU C library (glibc) affect IBM Security Network Protection

Summary The GNU glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the Name Server Caching Daemon nscd used by multiple programs on the system. Security vulnerabilities have been discovered in glibc used with IBM Security...

9.8CVSS9.7AI score0.05966EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.49 views

Security Bulletin: IBM Security Guardium is affected by Open Source Oracle MySQL Vulnerabilities (multiple CVEs)

Summary IBM Security Guardium is affected by Open Source Oracle MySQL Vulnerabilities. IBM Security Guardium addressed these issues Vulnerability Details CVEID: CVE-2016-0639 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the Server: Pluggable Authentication component...

10CVSS1.6AI score0.10144EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.49 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2016-3092)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Tivoli Security Policy Manager TSPM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security...

7.8CVSS2.6AI score0.35927EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.49 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

Summary Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager for Mobile uses OpenSSH and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3115 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the...

9.8CVSS9.4AI score0.37016EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:42 p.m.49 views

Security Bulletin: OpenSource Oracle MySQL Vulnerability affects IBM Security Guardium (CVE-2016-2047)

Summary Oracle MySQL, MariaDB and Percona Server could allow a remote attacker to bypass security restrictions. IBM Security Guardium has addressed the applicable CVE Vulnerability Details CVEID: CVE-2016-2047 DESCRIPTION: Oracle MySQL, MariaDB and Percona Server could allow a remote attacker to...

5.9CVSS1.3AI score0.03741EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:42 p.m.49 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by a vulnerability in nss-util (CVE-2016-1950)

Summary Network Security Services NSS, which is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A heap-based buffer overflow vulnerability in the NSS libraries affects IBM Security Access Manager for Mobile. Vulnerability...

8.8CVSS1.9AI score0.04192EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:41 p.m.49 views

Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Web (CVE-2015-3416)

Summary There is a denial of service vulnerability in SQLite, which affects IBM Security Access Manager for Web. Vulnerability Details CVEID: CVE-2015-3416 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during...

7.5CVSS1.7AI score0.05531EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:40 p.m.49 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Access Manager for Web. IBM Security Access Manager for Web has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable t...

7.5CVSS0.8AI score0.44016EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:30 p.m.49 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Security SiteProtector System (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM Security SiteProtector System uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an erro...

4.3CVSS1.2AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:26 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business

Summary There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Version 5.0, 6, 6R1, 7, 7R1 and IBM® Runtime Environment Java™ Technology Edition that is used by IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business. These issues were disclosed as part...

5CVSS0.7AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:48 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Emptoris Strategic Supply Management, and IBM Emptoris Services Procurement.

Summary The IBM Emptoris Strategic Supply Management Suite and IBM Emptoris Services Procurement products are affected by multiple security vulnerabilities that exist in IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. The security bulletin includes issues...

5.5CVSS7.9AI score0.0381EPSS
Exploits0Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:17 p.m.49 views

Security Bulletin: IBM Streams may be affected by XMLsoft Libxml2 vulnerabilities

Summary The libxml2 library, used by IBM Streams may have security vulnerabilities. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-9050 DESCRIPTION: libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictAddStri...

9.1CVSS1.4AI score0.04888EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:38 p.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Decision Optimization Center

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Decision Optimization Center. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerabilit...

10CVSS1.1AI score0.14714EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:6 p.m.49 views

Security Bulletin: ClassLoader manipulation with Apache Struts affecting InfoSphere Identity Insight (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is used by InfoSphere Identity Insight. Vulnerability Details CVEID: CVE-2014-0114 Apache Struts 1.X could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting...

7.5CVSS1.4AI score0.96121EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:42 p.m.49 views

Security Bulletin: A security vulnerability in IBM Java Runtime affects IBM Cognos Planning (CVE-2016-3427)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 that is used by IBM Cognos Planning. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified vulnerability related t...

10CVSS0.9AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.49 views

Security Bulletin: IBM API Connect is affected by an OpenSSL vulnerability (CVE-2017-3736)

Summary IBM API Connect has addressed the following vulnerability. OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x8664 Montgomery squaring function bnsqrx8xinternal. An attacker with online access to an unpatched system could...

6.5CVSS6.8AI score0.10133EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.49 views

Security Bulletin: CICS Transaction Gateway for Multiplatforms

Summary Multiple security vulnerabilities exist in the JREs shipped with CICS Transaction Gateway CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2017-10345...

9.8CVSS0.8AI score0.07489EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.49 views

Security Bulletin: Aspera Applications are affected by a Nginx vulnerability

Summary Aspera Applications has addressed the following vulnerability: Nginx could allow a remote attacker to obtain sensitive information caused by an integer overflow in nginx range filter mode. Vulnerability Details CVEID: CVE-2017-7529 DESCRIPTION: Nginx could allow a remote attacker to obtai...

7.5CVSS2AI score0.62597EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.49 views

Security Bulletin: API Connect OpenSSL CVE-2016-2183

Summary OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. This vulnerability is known as the SWEET32 Birthday attack. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow...

7.5CVSS6.8AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.49 views

Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server in Bluemix

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in January 2017. These may affect some configurations of IBM WebSphere Application Server...

8.8CVSS0.7AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.49 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (CVE-2016-2106, CVE-2016-2109)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM WebSphere MQ. IBM WebSphere MQ has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2106 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow, caused by...

10CVSS1.1AI score0.77906EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:6 a.m.49 views

Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle July 2016 Critical Patch Update Vulnerability Details CVE IDs: CVE-2016-3598 CVE-2016-3511 CVE-2016-3485 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of their July 2016 Critical Patch Update. For more...

9.6CVSS0.6AI score0.0669EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.49 views

Security Bulletin: Multiple vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Please consult the security bulletin...

2.8AI score0.05453EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:4 a.m.49 views

Security Bulletin: CICS Transaction Gateway for Multiplatforms

Summary Multiple security vulnerablilities exist in the JREs shipped with CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2015-4844 DESCRIPTION: An...

10CVSS0.9AI score0.13354EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.49 views

Security Bulletin: CICS Transaction Gateway for Multiplatforms

Summary Multiple security vulnerablilities exist in the JREs shipped with CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2015-2638 DESCRIPTION: An...

10CVSS0.6AI score0.44595EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.49 views

Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle April 2015 Critical Patch Update, plus four additional CVEs Vulnerability Details CVE IDs: CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0486 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 CVE-2015-0192...

10CVSS0.4AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:2 a.m.49 views

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle April 2015 Critical Patch Update, plus four additional CVEs Vulnerability Details CVE IDs: CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0486 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 CVE-2015-0192...

10CVSS0.9AI score0.98685EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:2 a.m.49 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance: CVE-2015-0138, CVE-2014-6593, CVE-2015-0410

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition. These vulnerabilities affect WebSphere DataPower XC10 versions 2.1 and 2.5. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK:...

5CVSS1.4AI score0.67234EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.49 views

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2014 Critical Patch Update, plus 2 additional vulnerabilities Vulnerability Details CVE IDs: CVE-2014-3086 CVE-2014-4227 CVE-2014-4262 CVE-2014-4219 CVE-2014-4209 CVE-2014-4220 CVE-2014-4268 CVE-2014-4218 CVE-2014-4252 CVE-2014-4266 CVE-2014-426...

10CVSS0.7AI score0.05577EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/19 2:41 p.m.48 views

Security Bulletin: Updating Java in Identity Insight 9.0.0.1 for security update

Summary Identity Insight customers are advised to update OpenJDK 8 to version 8.0.492 for the security update in Java. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM InfoSphere...

8.1CVSS6.8AI score0.01361EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:22 a.m.48 views

Security Bulletin: IBM Robotic Process Automation is vulnerable to disclosure of chatbot credentials (CVE-2022-33954))

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to disclosure of chatbot credentials CVE-2022-33954 Vulnerability Details CVEID:CVE-2022-33954 DESCRIPTION: IBM Robotic Process Automation could allow a user with psychical access to the system to obtain sensitive information...

4.6CVSS4.6AI score0.00237EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/25 10:49 a.m.48 views

Security Bulletin: Multiple Vulnerabilities in IBM webMethods B2B

Summary Multiple vulnerabilities were addressed in the latest fix release for IBM webMethods B2B 11.1 Vulnerability Details CVEID:CVE-2015-6644 DESCRIPTION: Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted...

7.5CVSS10AI score0.08878EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:42 a.m.48 views

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details CVEID:CVE-2024-31883 DESCRIPTION: IBM Security Verify Access, under certain configurations, could allow an unauthenticated...

7.5CVSS7.6AI score0.03028EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:47 a.m.48 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related IBM WebSphere Application Server Liberty and FasterXML jackson-databind

Summary Vulnerabilities in IBM WebSphere Application Server Liberty and FasterXML jackson-databind such as HTTP header injection, identity spoofing, denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0...

8.8CVSS6.9AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:43 a.m.48 views

Security Bulletin: IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps is vulnerable to information disclosure and weaker security (CVE-2022-43901, CVE-2022-43900)

Summary IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps could disclose sensitive information and contain weaker than expected security. This has been addressed. Vulnerability Details CVEID:CVE-2022-43901 DESCRIPTION: IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps could...

6.5CVSS6AI score0.00194EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 5:1 p.m.48 views

Security Bulletin: IBM Aspera Shares is vulnerable to multiple high severity vulnerabilities (CVE-2022-1586, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2019-20838, CVE-2022-2068, CVE-2022-1587)

Summary This Security Bulletin addresses multiple high severity OpenSSL security vulnerabilities that have been remediated in IBM Aspera Shares 1.10.0 PL4. Vulnerability Details CVEID:CVE-2022-1586 DESCRIPTION: PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by...

10CVSS9.7AI score0.95764EPSS
Exploits1Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/09 10:41 a.m.48 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF17 patch Vulnerability Details CVEID:CVE-2024-22329 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to...

8.7CVSS9.1AI score0.02772EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/17 8:51 a.m.48 views

Security Bulletin: IBM Observability with Instana for Self-Hosted Standard Edition is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana for Self-Hosted Standard Edition 281. Vulnerability Details CVEID:CVE-2022-41722 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by a flaw in the filepath.Clean...

7.5CVSS9.6AI score0.03796EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:7 p.m.48 views

Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data

Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...

8.8CVSS8.5AI score0.05106EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/10 3:18 p.m.48 views

Security Bulletin: Vulnerabilities in openssl library (CVE-2023-3446, CVE-2023-3817, CVE-2023-5678) affect Power HMC.

Summary The openssl library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-3446 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functio...

5.3CVSS6.4AI score0.05533EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 10:51 a.m.48 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

7.5CVSS10AI score0.09149EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/03 12:43 a.m.48 views

Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.

Summary IBM MQ Appliance has addressed multiple open source vulnerabilities. Vulnerability Details CVEID:CVE-2023-2162 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by a use-after-free flaw in the iscsiswtcpsessioncreate function in...

7.5CVSS9.4AI score0.00816EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000