35005 matches found

IBM Security Bulletins
added 2025/04/15 3:19 a.m., 27 views

Security Bulletin: Multiple vulnerabilities in XCC affect Cloud Pak System

Summary Multiple vulnerabilities in XCC affect Cloud Pak System. Vulnerability Details CVEID:CVE-2024-8281 DESCRIPTION: Lenovo XClarity Controller could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an input validation weakness. An attacker could...

CVSS 7.2, AI score 7.9, EPSS 0.00438
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:19 a.m., 19 views

Security Bulletin: Improper access restrictions in IBM Jazz for Service Management exposes sensitive information (CVE-2024-47106)

Summary IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information due to improper access restrictions in an unprotected directory CVE-2024-47106. Vulnerability Details CVEID:CVE-2024-47106 DESCRIPTION: IBM Jazz for Service Management could allow a remote attack...

CVSS 7.5, AI score 5.1, EPSS 0.00106
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:18 a.m., 24 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to memory leaking, segmentation fault or heap-use-after-free due to Eclipse Mosquitto (CVE-2024-8376)

Summary IBM Integration Bus for z/OS is vulnerable to memory leaking, segmentation fault or heap-use-after-free due to Eclipse Mosquitto. Vulnerability Details CVEID:CVE-2024-8376 DESCRIPTION: In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault o...

CVSS 7.5, AI score 7.4, EPSS 0.00295
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:18 a.m., 82 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. For more information about the vulnerability impact, refer to the table in the "Related Information" section. This Security Bulletin relates only to the direct usage of...

CVSS 9.8, AI score 10, EPSS 0.92707
Exploits: 7, Affected Software: 5

IBM Security Bulletins
added 2025/04/15 3:17 a.m., 43 views

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 286 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in Certifi has an unknown impact and attack vector. CWE:CWE-345:...

CVSS 9.8, AI score 9.3, EPSS 0.9389
Exploits: 11, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:15 a.m., 53 views

Security Bulletin: IBM Cognos Controller is affected by vulnerabilities

Summary There are vulnerabilities in IBM® Java™, IBM® Websphere Application Server Liberty and Open-Source Software (OSS) components used by IBM Cognos Controller. Please refer to the table in the Related Information section for vulnerability impact. This Security Bulletin relates only to the direc...

CVSS 9.8, AI score 10, EPSS 0.00662
Exploits: 3, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:15 a.m., 23 views

Security Bulletin: Vulnerability in Waitress affects IBM Process Mining (CVE-2024-49768)

Summary There is a vulnerability in Waitress that could allow a remote attacker to bypass a protection mechanism and cause a symlink attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

CVSS 9.1, AI score 6.9, EPSS 0.00572
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:14 a.m., 33 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is affected by a path traversal vulnerability (CVE-2024-52363)

Summary A path traversal vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2024-52363 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted...

CVSS 7.5, AI score 6.6, EPSS 0.00158
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:14 a.m., 43 views

Security Bulletin: IBM Concert Software is vulnerable to multiple issues

Summary IBM Concert Software uses multiple open source libraries which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: swagger-ui could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a...

CVSS 9.8, AI score 9.8, EPSS 0.8042
Exploits: 7, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:13 a.m., 31 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...

CVSS 9.8, AI score 9.1, EPSS 0.00944
Exploits: 6, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:13 a.m., 27 views

Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9.

Summary There are vulnerabilities in the Ruby On Rails component used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2024-47887 DESCRIPTION: rails is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in HTTP Token authentication in Action...

CVSS 8.7, AI score 6.3, EPSS 0.00557
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:12 a.m., 33 views

Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Storage Copy Data Management.

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Linux Kernel. A local authenticated attacker could exploit these vulnerabilities to cause a denial of service condition as described by the CVEs in the "Vulnerability Details" section...

CVSS 7.8, AI score 7.8, EPSS 0.00018
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:11 a.m., 51 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.7.1 Vulnerability Details CVEID:CVE-2024-39705 DESCRIPTION: Natural Language Toolkit (NLTK) could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when untrusted packages have...

CVSS 10, AI score 10, EPSS 0.10792
Exploits: 5, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:11 a.m., 29 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directo...

CVSS 10, AI score 9.3, EPSS 0.09975
Exploits: 3, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:10 a.m., 31 views

Security Bulletin: IBM Maximo Asset Management application is vulnerable to allow a remote attacker to traverse directories on the system. (CVE-2024-45652)

Summary IBM Maximo MXAPIASSET API could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. Vulnerability Details CVEID:CVE-2024-45652 DESCRIPTION: IBM Maxi...

CVSS 7.5, AI score 6.5, EPSS 0.00074
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:10 a.m., 11 views

Security Bulletin: IBM Technical Support Appliance - possible security flaws or denial of service

Summary Numerous fixes to the Linux kernel for reported issues related to various security vulnerabilities such as denial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2022-48773 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, cause...

CVSS 7.1, AI score 9, EPSS 0.00159
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:9 a.m., 13 views

Security Bulletin: Vulnerabilities in linux-firmware (CVE-2023-20584, CVE-2023-31315, CVE-2023-31356) affect Power HMC.

Summary The linux-firmware library is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-20584 DESCRIPTION: IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an...

CVSS 7.5, AI score 7, EPSS 0.00032
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:6 a.m., 74 views

Security Bulletin: IBM Concert Software is vulnerable to multiple issues

Summary IBM Concert Software uses multiple open source libraries which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2024-3154 DESCRIPTION: CRI-O could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an arbitrary...

CVSS 9.8, AI score 9.8, EPSS 0.944
Exploits: 22, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:5 a.m., 91 views

Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities

Summary IBM Cognos Analytics is affected by vulnerabilities in IBM WebSphere Application Server Liberty and Open-Source Software (OSS). Issues related to these components have been addressed by upgrading or removing the vulnerable libraries. Additionally, a cross-site scripting (XSS) vulnerability ha...

CVSS 9.8, AI score 10, EPSS 0.944
Exploits: 22, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:4 a.m., 34 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...

CVSS 9.1, AI score 10, EPSS 0.04916
Exploits: 5, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:3 a.m., 85 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.7.0 Vulnerability Details CVEID:CVE-2024-43380 DESCRIPTION: floraison fugit is vulnerable to a denial of service, caused by improper input validation by the natural parser. By sending a specially crafted request,...

CVSS 8.8, AI score 10, EPSS 0.88537
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:2 a.m., 38 views

Security Bulletin: IBM Technical Support Appliance - possible security flaws or denial of service

Summary Numerous fixes to the Linux kernel for reported issues related to various security vulnerabilities such as denial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2021-46984 DESCRIPTION: Linux Kernel could allow a local attacker to obtain...

CVSS 7.8, AI score 8.9, EPSS 0.00031
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:2 a.m., 18 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a runc security vulnerability (CVE-2024-45310)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in the runc component which could allow a remote attacker to bypass security restrictions CVE-2024-45310 Vulnerability Details CVEID: CVE-2024-45310 Description: Open Container Initiative runc could allow a remot...

CVSS 3.6, AI score 6.4, EPSS 0.0015
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:58 a.m., 57 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...

CVSS 9.8, AI score 9.5, EPSS 0.02269
Exploits: 5, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:58 a.m., 6 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in cert-manager

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of cert-manager. Vulnerability Details CVEID:CVE-2024-36537 DESCRIPTION: cert-manager could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an insecure permissions flaw. By obtaining...

CVSS 7.2, AI score 7.2, EPSS 0.00173
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:57 a.m., 73 views

Security Bulletin: Multiple vulnerabilities in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilities Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with mod_rewrite in server/vhost context. By sending a specially crafte...

CVSS 9.8, AI score 9.8, EPSS 0.9067
Exploits: 6, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:57 a.m., 93 views

Security Bulletin: IBM Aspera Console has addressed multiple vulnerabilities.

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Console 3.4.5. Vulnerability Details CVEID:CVE-2024-40725 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an incomplete fix for CVE-2024-398...

CVSS 9.8, AI score 9, EPSS 0.92346
Exploits: 5, Affected Software: 5

IBM Security Bulletins
added 2025/04/15 2:56 a.m., 53 views

Security Bulletin: IBM Aspera Console has addressed multiple vulnerabilities (CVE-2024-38477, CVE-2021-38963, CVE-2024-38475, CVE-2024-38474)

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Console 3.4.5. Vulnerability Details CVEID:CVE-2024-38477 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in mod_proxy. By sendi...

CVSS 9.8, AI score 9.6, EPSS 0.93858
Exploits: 1, Affected Software: 5

IBM Security Bulletins
added 2025/04/15 2:56 a.m., 68 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, two Malicious File Upload vulnerabilities have been addressed. Please...

CVSS 9.8, AI score 9.7, EPSS 0.93858
Exploits: 2, Affected Software: 5

IBM Security Bulletins
added 2025/04/15 2:56 a.m., 92 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF036 and 24.0.0-IF002. Vulnerability Details CVEID:CVE-2024-38473 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by an encoding flaw in...

CVSS 9.8, AI score 10, EPSS 0.93858
Exploits: 7, Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:55 a.m., 15 views

Security Bulletin: Multiple vulnerabilities in IBM webMethods Integration

Summary An authenticated developer user can utilize webMethods Integration Server to create a user through the scheduler service and then elevate that user to an administrator using runAsUser. This action provides elevated privileges for the developer user. webMethods Integration Server could...

CVSS 9.9, AI score 8.1, EPSS 0.00237
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:55 a.m., 26 views

Security Bulletin: IBM Controller is affected by vulnerabilities

Summary There are vulnerabilities in IBM® Websphere Application Server Liberty and Open-Source Software (OSS) components used by IBM Controller. Additionally, due to weak password requirements, IBM Controller is susceptible to compromised user accounts. Please refer to the table in the Related...

CVSS 8.7, AI score 9.5, EPSS 0.12634
Exploits: 2, Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:54 a.m., 49 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor. Vulnerability Details CVEID:CVE-2024-22020 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary code on the system. By embedding...

CVSS 8, AI score 10, EPSS 0.0239
Exploits: 6, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:54 a.m., 57 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 279. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods (IsPrivate, IsLoopback, etc.) did not work as expected for...

CVSS 9.8, AI score 8.8, EPSS 0.64852
Exploits: 4, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:53 a.m., 86 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-24806 DESCRIPTION: libuv is vulnerable to server-side request forgery, caused...

CVSS 8.6, AI score 9.5, EPSS 0.00675
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:50 a.m., 45 views

Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...

CVSS 9.1, AI score 8.9, EPSS 0.06838
Exploits: 8, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:50 a.m., 71 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities

Summary The product includes multiple vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID:CVE-2024-0553 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive...

CVSS 7.8, AI score 9.8, EPSS 0.17234
Exploits: 19, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:49 a.m., 60 views

Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

CVSS 9.8, AI score 10, EPSS 0.48782
Exploits: 12, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:49 a.m., 45 views

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 005 Vulnerability Details CVEID:CVE-2024-39734 DESCRIPTION: IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers...

CVSS 9.8, AI score 7, EPSS 0.00423
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:48 a.m., 74 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for September and October 2024.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF037 and 24.0.0-IF003. Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS (Regular Expression Denial of Service) while...

CVSS 8.5, AI score 9.9, EPSS 0.64852
Exploits: 1, Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:48 a.m., 34 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.8.0 Vulnerability Details CVEID:CVE-2023-52492 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the channel unregistration function. By sending a...

CVSS 8.7, AI score 10, EPSS 0.00421
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:47 a.m., 41 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

CVSS 9.9, AI score 10, EPSS 0.91924
Exploits: 21, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:47 a.m., 29 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2023-52581 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a memory leak when more than 255 elements expired. By...

CVSS 8.1, AI score 8, EPSS 0.76397
Exploits: 68, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:46 a.m., 83 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyaml is vulnerable to a denial of service, caused by a missing nested depth limitation for collections. By sending a...

CVSS 8.2, AI score 10, EPSS 0.75933
Exploits: 7, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:43 a.m., 40 views

Security Bulletin: IBM Security QRadar EDR Software has multiple vulnerabilities

Summary IBM Security QRadar EDR Software is affected by multiple vulnerabilities which could allow a remote attacker to bypass security restrictions or execute arbitrary code on the system. These vulnerabilities have been addressed in the latest update. Vulnerability Details CVEID:CVE-2023-28154...

CVSS 10, AI score 10, EPSS 0.52083
Exploits: 9, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:42 a.m., 30 views

Security Bulletin: IBM Technical Support Appliance - possible security flaws or denial of service

Summary Numerous fixes to the Linux kernel for reported issues related to various security vulnerabilities such as denial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2019-25162 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, cause...

CVSS 7.8, AI score 9.4, EPSS 0.00074
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:42 a.m., 34 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-48554 DESCRIPTION: File is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the filecopystr function in...

CVSS 7.8, AI score 9.5, EPSS 0.08423
Exploits: 7, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:42 a.m., 48 views

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container have addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details CVEID:CVE-2024-31883 DESCRIPTION: IBM Security Verify Access, under certain configurations, could allow an unauthenticated...

CVSS 7.5, AI score 7.6, EPSS 0.00622
Exploits: 3, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:41 a.m., 64 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser, and Data Protection for VMware. The flaws can lead to server-side request forgery,...

CVSS 9.8, AI score 9.8, EPSS 0.2625
Exploits: 9, Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:40 a.m., 46 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details CVEID:CVE-2024-22017 DESCRIPTION: Node.js could allow a local attacker to gain elevated privileges on the system, caused by the failure of setuid to drop all privileges due to...

CVSS 10, AI score 8.4, EPSS 0.01807
Exploits: 1, Affected Software: 1

Total number of security vulnerabilities: 35005