34986 matches found

IBM Security Bulletins
added 2025/05/14 7:43 p.m. | 10 views

Security Bulletin: Vulnerability in expressjs serve-static affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs serve-static has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional...

CVSS 5 | AI score 7.2 | EPSS 0.00919
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:43 p.m. | 5 views

Security Bulletin: Vulnerability in Protobuf affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Protobuf has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

CVSS 8.7 | AI score 7 | EPSS 0.00134
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:42 p.m. | 9 views

Security Bulletin: Vulnerability in jshttp cookie affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in jshttp cookie has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

CVSS 6.9 | AI score 7 | EPSS 0.00205
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:42 p.m. | 14 views

Security Bulletin: Vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been...

CVSS 3.7 | AI score 6.6 | EPSS 0.00279
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:42 p.m. | 8 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 3.7 | AI score 6 | EPSS 0.00096
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:26 p.m. | 11 views

Security Bulletin: Vulnerability in expressjs body-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs body-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional informatio...

CVSS 7.5 | AI score 7 | EPSS 0.01387
Exploits 1 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:24 p.m. | 13 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 3.7 | AI score 5.8 | EPSS 0.00144
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:23 p.m. | 10 views

Security Bulletin: Vulnerability in Netty netty-incubator-codec-ohttp affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty netty-incubator-codec-ohttp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additiona...

CVSS 9.1 | AI score 7 | EPSS 0.00404
Exploits 1 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:23 p.m. | 14 views

Security Bulletin: Vulnerability in Bootstrap affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Bootstrap has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

AI score 6.3
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:22 p.m. | 11 views

Security Bulletin: Vulnerability in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The...

CVSS 5.9 | AI score 8 | EPSS 0.00169
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:22 p.m. | 7 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 3.7 | AI score 6 | EPSS 0.00054
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:22 p.m. | 16 views

Security Bulletin: Vulnerability in pypa/setuptools affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in pypa/setuptools has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

CVSS 8.8 | AI score 7.9 | EPSS 0.09875
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:21 p.m. | 8 views

Security Bulletin: Vulnerability in aiohttp affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in aiohttp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 7.5 | AI score 7 | EPSS 0.0042
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:21 p.m. | 13 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 5.3 | AI score 5.9 | EPSS 0.00303
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:20 p.m. | 7 views

Security Bulletin: Vulnerability in axios affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in axios has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability...

AI score 7.1
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 7:19 p.m. | 9 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...

CVSS 4.8 | AI score 5.8 | EPSS 0.00171
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/14 6:7 p.m. | 14 views

Security Bulletin: Astronomer with IBM is vulnerable to remote attacks due to the crewjam saml package (CVE-2020-27846).

Summary crewjam saml is used by Astronomer with IBM as part of identity verification. Vulnerability Details CVEID:CVE-2020-27846 DESCRIPTION: crewjam saml could allow a remote attacker to bypass security restrictions, caused by a signature verification vulnerability. By sending a specially-crafte...

CVSS 10 | AI score 7 | EPSS 0.07544
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 4:46 p.m. | 15 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.7.0. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cau...

CVSS 8.7 | AI score 7.3 | EPSS 0.00528
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 4:42 p.m. | 18 views

Security Bulletin: Improper Privilege Management vulnerability in IBM Event Streams

Summary IBM Event Streams is vulnerable to Improper Privilege Management vulnerability in Apache Kafka Clients to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments like in a SaaS. Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION...

CVSS 6.5 | AI score 6.9 | EPSS 0.00156
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 2:58 p.m. | 28 views

Security Bulletin: IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host key by OpenSSH. [CVE-2025-26465]

Summary OpenSSH used by IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host key as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes...

CVSS 6.8 | AI score 6.7 | EPSS 0.61739
Exploits 4 | Affected Software 6

IBM Security Bulletins
added 2025/05/14 1:53 p.m. | 20 views

Security Bulletin: IBM SDK Java Technology Edition is vulnerable to CVE-2024-27267, affecting WebSphere Service Registry and Repository due to July 2024 CPU

Summary IBM SDK Java Technology Edition is vulnerable to CVE-2024-27267, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in January 2024. These issues are also addressed by WebSphere Application Server shipped with WebSphere Servi...

CVSS 5.9 | AI score 6.5 | EPSS 0.00022
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 12:8 p.m. | 8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly...

CVSS 7.5 | AI score 6.4 | EPSS 0.00029
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 8:39 a.m. | 14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to jinja2-3.1.5-py3-none-any.whl CVE-2025-27516

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to jinja2-3.1.5-py3-none-any.whl CVE-2025-27516. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prio...

CVSS 8.8 | AI score 7.2 | EPSS 0.00121
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 8:7 a.m. | 32 views

Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [CVE-2024-26906, CVE-2024-26982].

Summary The All linux Kernel package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-26906, CVE-2024-26982. Vulnerability Details CVEID:CVE-2024-26906 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a...

CVSS 7.1 | AI score 6.5 | EPSS 0.00031
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 8:0 a.m. | 27 views

Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [CVE-2024-27059, CVE-2024-27052, CVE-2024-27048, CVE-2024-27014].

Summary The All linux Kernel package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-27059, CVE-2024-27052, CVE-2024-27048, CVE-2024-27014. Vulnerability Details CVEID:CVE-2024-27059 DESCRIPTION: In the Linux kernel, the...

CVSS 7.4 | AI score 6.5 | EPSS 0.00011
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 5:52 a.m. | 12 views

Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [CVE-2024-36960].

Summary The All linux Kernel package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-36960. Vulnerability Details CVEID:CVE-2024-36960 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx...

CVSS 7.1 | AI score 6.4 | EPSS 0.00013
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/14 5:34 a.m. | 28 views

Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [11 CVES].

Summary The All linux Kernel package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-41093, CVE-2024-42079, CVE-2024-45018, CVE-2024-40961, CVE-2024-35839, CVE-2024-38608, CVE-2024-38586, CVE-2024-39503, CVE-2024-40984,...

CVSS 7.8 | AI score 6.8 | EPSS 0.00053
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 11:45 a.m. | 15 views

Security Bulletin: Vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing security restrictions, as described by the...

CVSS 7.5 | AI score 9.2 | EPSS 0.00049
Exploits 2 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 7:55 a.m. | 22 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2024-12720

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2024-12720. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-12720 DESCRIPTION: A Regular Expression Denial of Service...

CVSS 8.8 | AI score 7.7 | EPSS 0.79534
Exploits 6 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 7:38 a.m. | 9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.17-py3-none-any.whl CVE-2024-56374

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.17-py3-none-any.whl CVE-2024-56374. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-56374 DESCRIPTION: An issue was discovered in Django 5.1 before...

CVSS 7.5 | AI score 6.9 | EPSS 0.00084
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 7:22 a.m. | 18 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to netty-common-4.1.117.Final.jar CVE-2025-25193

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to netty-common-4.1.117.Final.jar CVE-2025-25193. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network...

CVSS 5.5 | AI score 6.9 | EPSS 0.00096
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 7:21 a.m. | 3 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly...

CVSS 7.5 | AI score 6.9 | EPSS 0.00029
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/13 7:17 a.m. | 9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to netty-handler-4.1.117.Final.jar CVE-2025-24970. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network...

CVSS 7.5 | AI score 7.1 | EPSS 0.00953
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/12 5:40 p.m. | 20 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.11 LTS and 12.11.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

CVSS 9.8 | AI score 8.6 | EPSS 0.70344
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/12 3:48 p.m. | 8 views

Security Bulletin: Denial of Service Vulnerability in IBM 4769 Developers Toolkit (CVE-2025-3632)

Summary A vulnerability has been discovered in the IBM 4769 Developers Toolkit that could allow a remote attacker to cause a denial of service against the hardware security module HSM. Vulnerability Details CVEID:CVE-2025-3632 DESCRIPTION: IBM 4769 Developers Toolkit could allow a remote attacker...

CVSS 7.5 | AI score 6.9 | EPSS 0.00301
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/12 1:28 p.m. | 14 views

Security Bulletin: Security vulnerability affect IBM Business Automation Workflow - CVE-2022-42920

Summary IBM Business Automation Workflow packages a vulnerable copy of Apache BCEL in an OSGi bundle. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds write flaw in the APIs. By...

CVSS 9.8 | AI score 7.1 | EPSS 0.03797
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2025/05/12 12:16 p.m. | 14 views

Security Bulletin: On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file, affects watsonx.data

Summary Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDB...

CVSS 7.8 | AI score 6.9 | EPSS 0.00154
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 8:44 p.m. | 34 views

Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale cloudkit and CES S3 are now addressed. (CVE-2025-22868, CVE-2025-22869)

Summary There are several vulnerabilities in IBM Storage Scale which could provide weaker than expected security that are now addressed CVE-2024-45337, CVE-2024-45338 Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected...

CVSS 9.1 | AI score 7.4 | EPSS 0.32338
Exploits 2 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 5:18 p.m. | 25 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use the Snowflake connector are vulnerable to improper preservation of permissions [CVE-2025-24791]

Summary Node.js module snowflake-sdk is used by IBM App Connect Enterprise Certified Container for connecting to Snowflake. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run flows containing the Snowflake connector are vulnerable to improper...

CVSS 5.5 | AI score 6.1 | EPSS 0.00022
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 2:59 p.m. | 17 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service, SSRF and credential leakage [CVE-2025-27152, CVE-2025-27789, CVE-2025-32996, CVE-2025-32997]

Summary Node.js modules axios and http-proxy-middleware are used by IBM App Connect Enterprise Certified Container for HTTP communications. Node.js module Babel is used for internal code generation. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service, SSRF...

CVSS 8.7 | AI score 6.3 | EPSS 0.00212
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 12:22 p.m. | 7 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service [CVE-2024-6827, CVE-2025-1194]

Summary Python modules gunicorn and transformers are used by IBM App Connect Enterprise Certified Container when providing mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin...

CVSS 7.5 | AI score 4.5 | EPSS 0.00032
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:6 a.m. | 9 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. This bulletin contains information...

CVSS 7.5 | AI score 6.2 | EPSS 0.00071
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:5 a.m. | 11 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 5.5 | AI score 6.2 | EPSS 0.00017
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:4 a.m. | 8 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 5.5 | AI score 6.1 | EPSS 0.00087
Exploits 2 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:3 a.m. | 11 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. This bulletin contains information regarding the...

CVSS 5.5 | AI score 5.3 | EPSS 0.0015
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:2 a.m. | 12 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 5.5 | AI score 5.4 | EPSS 0.00124
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:1 a.m. | 11 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 7.5 | AI score 6.1 | EPSS 0.00084
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2025/05/09 9:0 a.m. | 20 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

CVSS 8.8 | AI score 7 | EPSS 0.79534
Exploits 6 | Affected Software 1

IBM Security Bulletins
added 2025/05/08 11:59 p.m. | 19 views

Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-11393 DESCRIPTION: Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Executi...

CVSS 8.8 | AI score 7.8 | EPSS 0.79534
Exploits 6 | Affected Software 1

IBM Security Bulletins
added 2025/05/08 11:52 p.m. | 51 views

Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in...

CVSS 9.3 | AI score 9.6 | EPSS 0.00885
Exploits 2 | Affected Software 1

Total number of security vulnerabilities: 34986