
35006 matches found

IBM Security Bulletins
added 2025/04/15 2:41 a.m. | 64 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser, and Data Protection for VMware. The flaws can lead to server-side request forgery,...

CVSS 9.8 | AI score 9.8 | EPSS 0.2625
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:40 a.m. | 46 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details CVEID:CVE-2024-22017 DESCRIPTION: Node.js could allow a local attacker to gain elevated privileges on the system, caused by the failure of setuid to drop all privileges due to...

CVSS 10 | AI score 8.4 | EPSS 0.01807
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:39 a.m. | 32 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included

Summary There are multiple vulnerabilities that can affect IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-36889 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the failure to ensure...

CVSS 7.8 | AI score 9.4 | EPSS 0.0005
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:38 a.m. | 16 views

Security Bulletin: This Power System update is being released to address CVE-2023-52340

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-52340, by upgrading PowerVM and thus addressing the exposure ...

CVSS 7.5 | AI score 7 | EPSS 0.00084
Exploits: 0

IBM Security Bulletins
added 2025/04/15 2:38 a.m. | 32 views

Security Bulletin: Multiple Security Vulnerabilities discovered in IBM Security Verify Access Appliance

Summary Security Bulletin: Multiple Security Vulnerabilities were addressed in IBM Security Verify Access Appliance and IBM Verify Identity Access Vulnerability Details CVEID:CVE-2018-25091 DESCRIPTION: urllib3 could allow a remote attacker to obtain sensitive information, caused by not removing...

CVSS 7.5 | AI score 9.7 | EPSS 0.00917
Exploits: 3 | Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:38 a.m. | 42 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for May 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details CVEID:CVE-2024-21501 DESCRIPTION: Node.js sanitize-html module could allow a remote attacker to obtain...

CVSS 9.8 | AI score 10 | EPSS 0.04265
Exploits: 7 | Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:37 a.m. | 80 views

Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift

Summary IBM Spectrum Protect Plus Container backup and restore for OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Redis, urllib3, dnspython and gunicorn. Vulnerabilities include denial of service, cross-site scripting, gain elevated privileges on the system, allow a...

CVSS 9.8 | AI score 9.9 | EPSS 0.4932
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:37 a.m. | 66 views

Security Bulletin: IBM Operational Decision Manager for April 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2014-0114...

CVSS 9.8 | AI score 9.9 | EPSS 0.92332
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:36 a.m. | 29 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to...

CVSS 5.4 | AI score 9.1 | EPSS 0.84587
Exploits: 15 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:36 a.m. | 28 views

Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to denial of service, buffer overflow and allow a local authenticated attacker to gain elevated privileges

Summary glibc, gnutls, gnupg are used by Execution Engine for Apache Hadoop in all the components. CVE-2023-0687, CVE-2023-4911, CVE-2021-3998, CVE-2023-5156, CVE-2023-4527, CVE-2023-4813, CVE-2022-3515, CVE-2024-28835, CVE-2024-28834 Vulnerability Details CVEID:CVE-2023-0687 DESCRIPTION: GNU C...

CVSS 9.8 | AI score 9.6 | EPSS 0.6505
Exploits: 27 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:34 a.m. | 55 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

CVSS 9.8 | AI score 9.7 | EPSS 0.8434
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:34 a.m. | 22 views

Security Bulletin: Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management

Summary Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management have been delivered in a HotFix for 2.3 FP9 Vulnerability Details CVEID:CVE-2024-6600 DESCRIPTION: Mozilla Firefox could allow a remote attacker to gain unauthorized access to the system, caused by a memory corruption in...

CVSS 9.8 | AI score 10 | EPSS 0.00768
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:32 a.m. | 196 views

Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway

Summary Security Vulnerabilities in base image packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-6597 DESCRIPTION: Python could provide weaker than expected security, caused by an issue with tempfile.TemporaryDirectory fails removing...

CVSS 8.6 | AI score 10 | EPSS 0.00725
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:31 a.m. | 41 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...

CVSS 9.8 | AI score 9.8 | EPSS 0.03367
Exploits: 11 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:30 a.m. | 19 views

Security Bulletin: Vulnerabilities in linux-firmware (CVE-2022-46329, CVE-2023-20592) affect Power HMC.

Summary The linux-firmware library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-46329 DESCRIPTION: Intel PROSet/Wireless WiFi and Killer WiFi products could allow a local authenticated attacker to gain elevated...

CVSS 8.2 | AI score 6.6 | EPSS 0.0036
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:30 a.m. | 47 views

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...

CVSS 6.5 | AI score 8 | EPSS 0.00213
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:29 a.m. | 36 views

Security Bulletin: IBM Security Verify Governance - Identity Manager virtual appliance has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in IBM Security Verify Governance - Identity Manager virtual appliance. Vulnerability Details CVEID:CVE-2023-52425 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by improper system resour...

CVSS 7.8 | AI score 9.3 | EPSS 0.0844
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:29 a.m. | 38 views

Security Bulletin: IBM Security Guardium is affected by multiple Kernel vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-0443 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the blkgs destruction path in block/blk-cgroup.c. A local authenticated attacker could...

CVSS 9.1 | AI score 9 | EPSS 0.02683
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:28 a.m. | 79 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-30203 DESCRIPTION: GNU Emacs could provide weaker than expected security,...

CVSS 9.8 | AI score 9.9 | EPSS 0.00977
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:27 a.m. | 75 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2019-13224 DESCRIPTION: oniguruma is vulnerable to a denial of service, caused by ...

CVSS 9.8 | AI score 9.6 | EPSS 0.89361
Exploits: 14 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:24 a.m. | 52 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request parts t...

CVSS 7.5 | AI score 10 | EPSS 0.43407
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:23 a.m. | 73 views

Security Bulletin: IBM Automation Decision Services - Multiple CVEs addressed (February 2024)

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-36054 DESCRIPTION: MIT Kerberos 5 aka krb5...

CVSS 9 | AI score 9.9 | EPSS 0.01096
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:23 a.m. | 21 views

Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by ...

CVSS 9.8 | AI score 9.4 | EPSS 0.54845
Exploits: 8 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:22 a.m. | 44 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081

Summary IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 7.5 | AI score 7.1 | EPSS 0.93602
Exploits: 18 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:22 a.m. | 29 views

Security Bulletin: Multiple vulnerabilities in Samba may affect IBM Storage Scale SMB protocol access method (CVE-2023-4091, CVE-2023-42669, CVE-2023-3961, CVE-2023-42670)

Summary Multiple samba vulnerabilities may affect IBM Storage Scale SMB protocol access method that could allow a remote authenticated attacker to execute arbitrary code or denial of the service on the system. Vulnerability Details CVEID:CVE-2023-4091 DESCRIPTION: Samba could allow a remote...

CVSS 9.8 | AI score 8.3 | EPSS 0.01941
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:22 a.m. | 47 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities with updates. Vulnerability Details CVEID:CVE-2020-19909 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by an integer overflow in...

CVSS 9.8 | AI score 9.6 | EPSS 0.2625
Exploits: 8 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:21 a.m. | 55 views

Security Bulletin: Multiple vulnerabilities affect PowerSC and PowerSC MFA

Summary There are multiple vulnerabilities in PowerSC and PowerSC MFA. Vulnerability Details CVEID:CVE-2023-50939 DESCRIPTION: IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:...

CVSS 9.8 | AI score 7 | EPSS 0.0009
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:20 a.m. | 71 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-42503 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of...

CVSS 9.8 | AI score 9.5 | EPSS 0.0696
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:19 a.m. | 25 views

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities

Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software OSS components consumed by IBM Cognos Dashboards ...

CVSS 9.8 | AI score 9.7 | EPSS 0.24463
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:18 a.m. | 27 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and IBM Java may affect IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and IBM Java. The flaws can lead to denial of service, sensitive information exposure, memory resource...

CVSS 7.5 | AI score 8.1 | EPSS 0.00537
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:18 a.m. | 72 views

Security Bulletin: IBM Operational Decision Manager for January 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-34054...

CVSS 9.8 | AI score 8.5 | EPSS 0.90845
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:17 a.m. | 69 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF031 and 23.0.2-IF003. Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions,...

CVSS 9.8 | AI score 9.7 | EPSS 0.86989
Exploits: 8 | Affected Software: 2

IBM Security Bulletins
added 2025/04/15 2:16 a.m. | 41 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-38263 DESCRIPTION: IBM SOAR QRadar Plugin App could allow an...

CVSS 9.8 | AI score 7.6 | EPSS 0.0095
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:13 a.m. | 14 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Plugin Framework for Java (PF4J)

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Plugin Framework for Java PF4J. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-40828 DESCRIPTION: Plugin Framework for Java PF4J coul...

CVSS 7.5 | AI score 7.9 | EPSS 0.01089
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 2:12 a.m. | 66 views

Security Bulletin: IBM Storage Ceph is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in Grafana (CVE-2023-1387)

Summary Grafana is used by IBM Storage Ceph in the dashboard. CVE-2023-1387 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2023-1387 DESCRIPTION: Grafana could allow a remote authenticated attacker to obtain sensitive informatio...

CVSS 7.5 | AI score 5.4 | EPSS 0.00291
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 8:25 p.m. | 16 views

Security Bulletin: A security vulnerability has been identified in open source tomcat library used in IBM Quantum Safe Explorer (Mac and Windows Service)

Summary A security vulnerability has been identified in open source tomcat library tomcat-embed-core-10.1.34 used in IBM Quantum Safe Explorer Mac and Windows Service Vulnerability Details CVEID:CVE-2025-24813 DESCRIPTION: Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution...

CVSS 10 | AI score 8.1 | EPSS 0.9413
Exploits: 44 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 8:23 p.m. | 14 views

Security Bulletin: Vulnerability in certifi affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-39689]

Summary The certifi package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2024-39689 Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi is a curated collection of Root Certificates for validating the...

CVSS 7.5 | AI score 9.2 | EPSS 0.26297
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 8:20 p.m. | 10 views

Security Bulletin: Vulnerability in certifi affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-37920]

Summary The certifi package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2023-37920 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: Certifi is a curated collection of Root Certificates for validating the...

CVSS 9.8 | AI score 9 | EPSS 0.00119
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 6:39 p.m. | 25 views

Security Bulletin: IBM Maximo Application Suite is vulnerable to Unrestricted File Upload (CVE-2025-1500)

Summary IBM Maximo Application Suite is vulnerable to Unrestricted File Upload which could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened CVE-2025-1500. Vulnerability Details CVEID:CVE-2025-1500 DESCRIPTION: IBM Maximo Applicatio...

CVSS 8 | AI score 6.3 | EPSS 0.00123
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 5:53 p.m. | 19 views

Security Bulletin: A vulnerability in Go affects IBM Robotic Process Automation for Cloud Pak which could lead to an authorization bypass (CVE-2024-45337).

Summary A vulnerability in Go affects IBM Robotic Process Automation for Cloud Pak which could lead to an authorization bypass CVE-2024-45337. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fix required to resolve the...

CVSS 9.1 | AI score 9.7 | EPSS 0.3863
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 3:17 p.m. | 40 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in ingress-nginx

Summary Multiple vulnerabilities in ingress-nginx that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2025-1097 DESCRIPTION: A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingre...

CVSS 9.8 | AI score 8.6 | EPSS 0.91918
Exploits: 21 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 2:59 p.m. | 13 views

Security Bulletin: Vulnerabilities in dependencies affect IBM Voice Gateway

Summary Security Vulnerabilities in dependencies affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and...

CVSS 8.1 | AI score 7.2 | EPSS 0.00953
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 1:15 p.m. | 9 views

Security Bulletin: A vulnerability exists in the IBM Robotic Process Automation Control Center where user sessions are not invalidate after logout

Summary A vulnerability exists in IBM Robotic Process Automation Control Center where user sessions are not invalidated after logout. This bulletin identifies the fixes or remediations available to resolve this vulnerability. Vulnerability Details CVEID:CVE-2024-49825 DESCRIPTION: IBM Robotic...

CVSS 6.3 | AI score 6.6 | EPSS 0.00093
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 1:14 p.m. | 10 views

Security Bulletin: A vulnerability in vite affects IBM Robotic Process Automation which could result in incorrect validation for WebSocket Connections (CVE-2025-24010).

Summary A vulnerability in vite affects IBM Robotic Process Automation which could result in incorrect validation for WebSocket Connections CVE-2025-24010. Vite is used by IBM Robotic Process Automation as part of its user interface. This bulletin identifies the fixes required to resolve the...

CVSS 6.5 | AI score 6.6 | EPSS 0.00092
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 10:55 a.m. | 31 views

Security Bulletin: IBM Asset Data Dictionary uses jackson-mapper-asl-1.9.2.jar which is vulnerable to CVE-2019-10172, CVE-2019-10202.

Summary IBM Asset Data Dictionary uses jackson-mapper-asl-1.9.2.jar which is vulnerable to CVE-2019-10172, CVE-2019-10202. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remot...

CVSS 9.8 | AI score 7.5 | EPSS 0.07423
Exploits: 8 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 10:52 a.m. | 26 views

Security Bulletin: IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763.

Summary IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable,...

CVSS 5.3 | AI score 6.6 | EPSS 0.01189
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 10:25 a.m. | 26 views

Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to Microsoft LightGBM could allow a remote attacker to execute arbitrary code on the system.

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to Microsoft LightGBM could allow a remote attacker to execute arbitrary code on the system. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

CVSS 8.1 | AI score 7.6 | EPSS 0.01877
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 10:22 a.m. | 24 views

Security Bulletin: Vulnerability in Apache Solr (lucene), Apache ZooKeeper and Logstash affect IBM Operations Analytics - Log Analysis (CVE-2024-9823, CVE-2024-47554)

Summary There is a potential denial of service with Apache Commons IO, Eclipse Jetty that affect Apache Solr lucene, Apache ZooKeeper and Logstash used by IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-9823 DESCRIPTION: There exists a security vulnerability in Jetty'...

CVSS 7.5 | AI score 6.8 | EPSS 0.0068
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 9:38 a.m. | 10 views

Security Bulletin: IBM Maximo Application Suite uses nanoid-3.3.7.tgz which is vulnerable to CVE-2024-55565.

Summary IBM Maximo Application Suite uses nanoid-3.3.7.tgz which is vulnerable to CVE-2024-55565. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-55565 DESCRIPTION: nanoid aka Nano ID before 5.0.9 mishandles non-integer values...

CVSS 4.3 | AI score 6.6 | EPSS 0.00107
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 9:36 a.m. | 13 views

Security Bulletin: IBM Maximo Application Suite uses requests-2.31.0-py3-none-any.whl which is vulnerable to CVE-2024-35195.

Summary IBM Maximo Application Suite uses requests-2.31.0-py3-none-any.whl which is vulnerable to CVE-2024-35195. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated...

CVSS 5.6 | AI score 6.2 | EPSS 0.00074
Exploits: 0 | Affected Software: 1
Total number of security vulnerabilities: 35006