Security Bulletin: IBM Event Streams is vulnerable to a Denial of service (DoS) attack due to the path-to-regexp (CVE-2024-45296).
Summary IBM Event Streams is vulnerable to a Denial of Service (DoS) attack due to the path-to-regexp component, a JavaScript library that converts path strings into regular expressions to match and extract parameters from URLs or other structured data based on defined path patterns. Vulnerability...
Security Bulletin: IBM i is vulnerable to a privilege escalation vulnerability in IBM TCP/IP Connectivity Utilities for i [CVE-2025-33103].
Summary IBM i contains a privilege escalation vulnerability in IBM TCP/IP Connectivity Utilities for i as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes section. Vulnerability Details...
Security Bulletin: Vulnerability in Nginx affects IBM Integrated Analytics System (Sailfish) [CVE-2023-44487, CVE-2024-7347].
Summary The Nginx package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [CVE-2023-44487, CVE-2024-7347]. Vulnerability Details CVEID: CVE-2023-44487 DESCRIPTION: The HTTP/2 protocol allows a denial of service server resource consumption...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Apache Tomcat has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: Vulnerability in cross-spawn affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in cross-spawn has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: Vulnerability in path-to-regexp affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in path-to-regexp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: IBM WebSphere Application Server, which is bundled with WebSphere Remote Server, is affected by a cross-site scripting vulnerability due to user ability to embed arbitrary JavaScript code in the Web UI (CVE-2025-33104)
Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Linux Kernel. Vulnerabilities include dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail, integrity overflow issue could possibly leading to bluetooth...
Security Bulletin: Vulnerabilities in jQuery, Moment, Jackson-mapper-asl and Red Hat JBoss Enterprise Application Platform might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in jQuery, Moment, Jackson-mapper-asl and Red Hat JBoss Enterprise Application Platform. Vulnerabilities include an attacker or a remote attacker could use or exploit these vulnerabilities to steal the victim's...
Security Bulletin: Vulnerabilities in Beego and golang crypto might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Beego and golang crypto. Vulnerabilities include Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization...
Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat. Vulnerabilities include Time-of-check Time-of-use (TOCTOU) Race Condition, Allocation of Resources Without Limits or Throttling, allows remote attackers to cause a denial of service CPU consumpti...
Security Bulletin: Vulnerabilities in FasterXML jackson-databind, Apache Struts, Red Hat JBoss Enterprise Application Platform and jquery-bbq might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in FasterXML jackson-databind, Apache Struts, Red Hat JBoss Enterprise Application Platform and jquery-bbq. Vulnerabilities include an attacker, an unauthenticated attacker and remote attacker could exploit these...
Security Bulletin: Vulnerabilities in Spring Boot, Spring Security and Spring Framework might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring Boot, Spring Security and Spring Framework. Vulnerabilities include an attacker could exploit this vulnerability to execute arbitrary code, obtain system and session information and cause a denial of...
Security Bulletin: Vulnerabilities in XStream and Apache MINA might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in XStream and Apache MINA. Vulnerabilities include allowing attackers to exploit the deserialization process by sending specially crafted malicious serialized data, potentially leading to remote code execution R...
Security Bulletin: Vulnerabilities in Pivotal Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Pivotal Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework. Vulnerabilities include an attacker and remote attacker could exploit these vulnerabilities to execute arbitrary code on the...
Security Bulletin: Vulnerability in OpenSSL (CVE-2024-13176) affects PowerVM
Summary OpenSSL is used by PowerVM to support virtual TPM operations. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-13176, by upgrading PowerVM and thus addressing the exposure to the OpenSSL vulnerability. Vulnerability Details CVEID: CVE-2024-13176 DESCRIPTION: Iss...
Security Bulletin: This Power System update is being released to address CVE-2024-41007
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-41007, by upgrading PowerVM and thus addressing the exposure ...
Security Bulletin: This Power System update is being released to address CVE-2024-2511
Summary The OpenSSL package is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-2511, by upgrading PowerVM and thus addressing the exposur...
Security Bulletin: Multiple Vulnerabilities affecting IBM Decision Optimization for Cloud Pak for Data are addressed
Summary There are multiple vulnerabilities impacting IBM Decision Optimization for Cloud Pak for Data. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID: CVE-2025-22150 DESCRIPTION: Undici is an HTTP/1.1 client. Starting in version 4.5.0 and pri...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the April 2025 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...
Security Bulletin: There is a vulnerability in WebSphere Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-47535)
Summary There is a vulnerability in WebSphere Liberty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID: CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high...
Security Bulletin: IBM Maximo Asset Management is vulnerable to Apache poi-ooxml-3.9-20121203 in BIRT (CVE-2016-5000, CVE-2017-12626, CVE-2017-5644, CVE-2019-12415, CVE-2022-26336)
Summary IBM Maximo Asset Management is vulnerable to Apache poi-ooxml-3.9-20121203 in BIRT. Vulnerability Details CVEID: CVE-2016-5000 DESCRIPTION: The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external...
Security Bulletin: There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-25193)
Summary There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID: CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up ...
Security Bulletin: Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability (CVE-2025-31651) and an Improper Input Validation vulnerability (CVE-2025-31651).
Summary Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability (CVE-2025-31651) and an Improper Input Validation vulnerability (CVE-2025-31651). Apache Tomcat has been updated within IBM ApplinX in order to address the vulnerabilities...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect App Connect Professional
Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in October 2024. App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2024-21235...
Security Bulletin: IBM Content Navigator is vulnerable to HTML injection.
Summary IBM Content Navigator has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2024-51475 DESCRIPTION: IBM Content Navigator is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web...
Security Bulletin: Astronomer with IBM is vulnerable to buffer overflow due to the OpenSSL package (CVE-2021-3711).
Summary OpenSSL is used by Astronomer with IBM as part of secure communications. Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt function within implementation of the SM2 decryption. By...
Security Bulletin: Astronomer with IBM is vulnerable to arbitrary code execution due to the LangChain package (CVE-2023-38896).
Summary LangChain is used by Astronomer with IBM as part of LLM processing. Vulnerability Details CVEID: CVE-2023-38896 DESCRIPTION: LangChain could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user-supplied input by the from_math_prompt and...
Security Bulletin: Astronomer with IBM is vulnerable to arbitrary code execution due to the LangChain package (CVE-2023-39659).
Summary LangChain is used by Astronomer with IBM as part of LLM processing. Vulnerability Details CVEID: CVE-2023-39659 DESCRIPTION: LangChain could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user-supplied input by the PythonAstREPLTool.ru...
Security Bulletin: Astronomer with IBM is vulnerable to security restriction bypass due to the Perl package (CVE-2023-47100).
Summary Perl is used by Astronomer with IBM as part of core processing. Vulnerability Details CVEID: CVE-2023-47100 DESCRIPTION: Perl could allow a remote attacker to bypass security restrictions, caused by improper handling of property name by the S_parse_uniprop_string function in regcomp.c. By usi...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache CXF (CVE-2025-23184)
Summary A vulnerability in Apache CXF that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the...
Security Bulletin: IBM Information Server is affected by an Information Disclosure vulnerability (CVE-2025-1138)
Summary An Information Disclosure vulnerability in IBM Information Server was addressed. Vulnerability Details CVEID: CVE-2025-1138 DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive information to an authenticated user that could aid in further attacks against the system...
Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime
Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their April 2025 Vulnerability Advisory, plus CVE-2025-2900 and CVE-2025-4447. For more information please refer to OpenJDK's April 2025 Vulnerability Advisory and the CVE links below...
Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition
Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update, plus CVE-2025-4447. For more information please refer to Oracle's April 2025 CPU Advisory and the CVE links referenced below...
Security Bulletin: Vulnerability in Jsonpath-plus affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary A potential vulnerability in Jsonpath-plus has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID: CVE-2024-21534 DESCRIPTION: Jsonpath-plus could all...
Security Bulletin: IBM MQ for HPE NonStop Server is affected by denial of service vulnerability (CVE-2025-23225)
Summary IBM MQ for HPE NonStop Server has addressed a denial of service vulnerability (CVE-2025-23225), when a message without an MQXQH header is put to an XMITQ. Vulnerability Details CVEID: CVE-2025-23225 DESCRIPTION: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to...
Security Bulletin: Vulnerability in commons-compress affects IBM Integrated Analytics System (Sailfish) [CVE-2024-25710, CVE-2024-26308]
Summary The commons-compress package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [CVE-2024-25710, CVE-2024-26308]. Vulnerability Details CVEID: CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition ('Infinite Loop')...
Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [CVE-2021-47301, CVE-2024-27070].
Summary The [All] linux (Kernel) package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [CVE-2021-47301, CVE-2024-27070]. Vulnerability Details CVEID: CVE-2021-47301 DESCRIPTION: In the Linux kernel, the following vulnerability has been...
Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in VMware Tanzu Spring Framework has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional...
Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability...
Security Bulletin: Vulnerability in libssh affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in libssh has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...
Security Bulletin: Vulnerability in libssh affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in libssh has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabilit...
Security Bulletin: Vulnerability in scikit-learn affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in scikit-learn has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: Vulnerability in Webpack and Rspack affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Webpack and Rspack has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: Vulnerability in expressjs express affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in expressjs express has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: IBM WebSphere Application Server is affected by a cross-site scripting vulnerability (CVE-2025-33104)
Summary IBM WebSphere Application Server is affected by a cross-site scripting vulnerability. Vulnerability Details CVEID: CVE-2025-33104 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W...
Security Bulletin: Vulnerability in Jinja affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Jinja has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability...
Security Bulletin: Vulnerability in nanoid (aka Nano ID) affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in nanoid (aka Nano ID) has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: Vulnerability in expressjs body-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in expressjs body-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional informatio...
Security Bulletin: Vulnerability in pillarjs affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in pillarjs has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...