Lucene search
K

35634 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/16 10:33 a.m.•13 views

Security Bulletin: There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-25193)

Summary There is a vulnerability in netty-common-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up ...

5.5CVSS5.5AI score0.00357EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/16 8:6 a.m.•31 views

Security Bulletin: Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability (CVE-2025-31651) and an Improper Input Validation vulnerability (CVE-2025-31651).

Summary Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability CVE-2025-31651 and an Improper Input Validation vulnerability CVE-2025-31651. Apache Tomcat has been updated within IBM ApplinX in order to address the vulnerabilities...

9.8CVSS7.1AI score0.66933EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/16 1:36 a.m.•28 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in October 2024, App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21235...

5.3CVSS5.8AI score0.01157EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/16 12:54 a.m.•14 views

Security Bulletin: IBM Content Navigator is vulnerable to HTML injection.

Summary IBM Content Navigator has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2024-51475 DESCRIPTION: IBM Content Navigator is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web...

6.1CVSS6.8AI score0.00219EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 10:55 p.m.•11 views

Security Bulletin: Astronomer with IBM is vulnerable to buffer overflow due to the OpenSSL package (CVE-2021-3711).

Summary OpenSSL is used by Astronomer with IBM as part of secure communications. Vulnerability Details CVEID:CVE-2021-3711 DESCRIPTION: OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVPPKEYdecrypt function within implementation of the SM2 decryption. By...

9.8CVSS8.2AI score0.87816EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 10:54 p.m.•9 views

Security Bulletin: Astronomer with IBM is vulnerable to arbitrary code execution due to the LangChain package (CVE-2023-38896).

Summary LangChain is used by Astronomer with IBM as part of LLM processing. Vulnerability Details CVEID:CVE-2023-38896 DESCRIPTION: LangChain could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user supplied-input by the frommathprompt and...

9.8CVSS7.6AI score0.01515EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 10:53 p.m.•10 views

Security Bulletin: Astronomer with IBM is vulnerable to arbitrary code execution due to the LangChain package (CVE-2023-39659).

Summary LangChain is used by Astronomer with IBM as part of LLM processing. Vulnerability Details CVEID:CVE-2023-39659 DESCRIPTION: LangChain could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user supplied-input by the PythonAstREPLTool.ru...

9.8CVSS7.6AI score0.01267EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 10:52 p.m.•16 views

Security Bulletin: Astronomer with IBM is vulnerable to security restriction bypass due to the Perl package (CVE-2023-47100).

Summary Perl is used by Astronomer with IBM as part of core processing. Vulnerability Details CVEID:CVE-2023-47100 DESCRIPTION: Perl could allow a remote attacker to bypass security restrictions, caused by improper handling of property name by the Sparseunipropstring function in regcomp.c. By usi...

6.7AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 8:36 p.m.•18 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache CXF (CVE-2025-23184)

Summary A vulnerability in Apache CXF that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the...

7.5CVSS6.5AI score0.01941EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 8:23 p.m.•11 views

Security Bulletin: IBM Information Server is affected by an Information Disclosure vulnerability (CVE-2025-1138)

Summary An Information Disclosure vulnerability in IBM Information Server was addressed. Vulnerability Details CVEID:CVE-2025-1138 DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive information to an authenticated user that could aid in further attacks against the system...

4.3CVSS5.8AI score0.00235EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 4:59 p.m.•23 views

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime

Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their April 2025 Vulnerability Advisory, plus CVE-2025-2900 and CVE-2025-4447. For more information please refer to OpenJDK's April 2025 Vulnerability Advisory and the CVE links below...

7.8CVSS6.8AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 4:57 p.m.•27 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update, plus CVE-2025-4447. For more information please refer to Oracle's April 2025 CPU Advisory and the CVE links referenced below...

7.8CVSS6.3AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 2:37 p.m.•9 views

Security Bulletin: Vulnerability in Jsonpath-plus affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability in Jsonpath-plus has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-21534 DESCRIPTION: Jsonpath-plus could all...

9.8CVSS7.7AI score0.09076EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 2:29 p.m.•9 views

Security Bulletin: IBM MQ for HPE NonStop Server is affected by denial of service vulnerability (CVE-2025-23225)

Summary IBM MQ for HPE NonStop Server has addressed a denial of service vulnerability CVE-2025-23225, when a message without an MQXQH header is put to an XMITQ. Vulnerability Details CVEID:CVE-2025-23225 DESCRIPTION: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to...

6.5CVSS6.3AI score0.00408EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 11:32 a.m.•13 views

Security Bulletin: Vulnerability in commons-compress affects IBM Integrated Analytics System (Sailfish) [CVE-2024-25710, CVE-2024-26308]

Summary The commons-compress package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVECVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

8.1CVSS6.4AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/15 11:20 a.m.•12 views

Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [CVE-2021-47301, CVE-2024-27070].

Summary The All linux Kernel package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVECVE-2021-47301, CVE-2024-27070. Vulnerability Details CVEID:CVE-2021-47301 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

7.8CVSS6.5AI score0.00239EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 8:57 p.m.•9 views

Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in VMware Tanzu Spring Framework has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional...

4.3CVSS7.1AI score0.00536EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 8:57 p.m.•9 views

Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

5.3CVSS6.9AI score0.0138EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:57 p.m.•15 views

Security Bulletin: Vulnerability in libssh affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in libsshp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

5.3CVSS6.5AI score0.01421EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:56 p.m.•15 views

Security Bulletin: Vulnerability in libssh affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in libssh has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

4.8CVSS7.4AI score0.00449EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:56 p.m.•10 views

Security Bulletin: Vulnerability in scikit-learn affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in scikit-learn has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

4.7CVSS6.3AI score0.00187EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:56 p.m.•20 views

Security Bulletin: Vulnerability in Webpack and Rspack affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Webpack and Rspack has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

6.4CVSS6.7AI score0.00897EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:55 p.m.•8 views

Security Bulletin: Vulnerability in expressjs express affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs express has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

5CVSS7.2AI score0.00458EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:50 p.m.•13 views

Security Bulletin: IBM WebSphere Application Server is affected by a cross-site scripting vulnerability (CVE-2025-33104)

Summary IBM WebSphere Application Server is affected by a cross-site scripting vulnerability. Vulnerability Details CVEID:CVE-2025-33104 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W...

7.6CVSS4.7AI score0.00199EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:47 p.m.•14 views

Security Bulletin: Vulnerability in Jinja affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Jinja has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

8.8CVSS7.3AI score0.005EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:46 p.m.•7 views

Security Bulletin: Vulnerability in nanoid (aka Nano ID) affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in nanoid aka Nano ID has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

4.3CVSS6.8AI score0.00679EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:43 p.m.•17 views

Security Bulletin: Vulnerability in expressjs body-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs body-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional informatio...

7.5CVSS7AI score0.00824EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:43 p.m.•12 views

Security Bulletin: Vulnerability in pillarjs affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in pillarjs has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

5CVSS7.2AI score0.00511EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:43 p.m.•10 views

Security Bulletin: Vulnerability in expressjs serve-static affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs serve-static has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional...

5CVSS7.2AI score0.00595EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:43 p.m.•5 views

Security Bulletin: Vulnerability in Protobuf affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Protobuf has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

8.7CVSS7AI score0.02772EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:42 p.m.•9 views

Security Bulletin: Vulnerability in jshttp cookie affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in jshttp cookie has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

6.9CVSS7AI score0.00749EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:42 p.m.•14 views

Security Bulletin: Vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been...

3.7CVSS6.6AI score0.00651EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:42 p.m.•9 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

3.7CVSS6AI score0.01157EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:26 p.m.•11 views

Security Bulletin: Vulnerability in expressjs body-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in expressjs body-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional informatio...

7.5CVSS7AI score0.00824EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:24 p.m.•13 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

3.7CVSS5.8AI score0.00827EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:23 p.m.•11 views

Security Bulletin: Vulnerability in Netty netty-incubator-codec-ohttp affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty netty-incubator-codec-ohttp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additiona...

9.1CVSS7AI score0.00269EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:23 p.m.•14 views

Security Bulletin: Vulnerability in Bootstrap affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Bootstrap has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

6.3AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:22 p.m.•11 views

Security Bulletin: Vulnerability in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The...

5.9CVSS8AI score0.00404EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:22 p.m.•7 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

3.7CVSS6AI score0.01018EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:22 p.m.•16 views

Security Bulletin: Vulnerability in pypa/setuptools affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in pypa/setuptools has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

8.8CVSS7.9AI score0.01939EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:21 p.m.•9 views

Security Bulletin: Vulnerability in aiohttp affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in aiohttp has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

7.5CVSS7AI score0.00576EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:21 p.m.•13 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

5.3CVSS5.9AI score0.01157EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:20 p.m.•8 views

Security Bulletin: Vulnerability in axios affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in axios has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

7.1AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 7:19 p.m.•9 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

4.8CVSS5.8AI score0.0095EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 6:7 p.m.•15 views

Security Bulletin: Astronomer with IBM is vulnerable to remote attacks due to the crewjam saml package (CVE-2020-27846).

Summary crewjam saml is used by Astronomer with IBM as part of identity verification. Vulnerability Details CVEID:CVE-2020-27846 DESCRIPTION: crewjam saml could allow a remote attacker to bypass security restrictions, caused by a signature verification vulnerability. By sending a specially-crafte...

10CVSS7AI score0.04872EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 4:46 p.m.•16 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.7.0. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cau...

8.7CVSS7.3AI score0.00792EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 4:42 p.m.•18 views

Security Bulletin: Improper Privilege Management vulnerability in IBM Event Streams

Summary IBM Event Streams is vulnerable to Improper Privilege Management vulnerability in Apache Kafka Clients to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments like in a SaaS. Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION...

6.5CVSS6.9AI score0.01129EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 2:58 p.m.•30 views

Security Bulletin: IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host key by OpenSSH. [CVE-2025-26465]

Summary OpenSSH used by IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host key as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes...

6.8CVSS6.7AI score0.06997EPSS
Exploits4Affected Software6
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 1:53 p.m.•20 views

Security Bulletin: IBM SDK Java Technology Edition is vulnerable to CVE-2024-27267, affecting WebSphere Service Registry and Repository due to July 2024 CPU

Summary IBM SDK Java Technology Edition is vulnerable to CVE-2024-27267, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in January 2024. These issues are also addressed by WebSphere Application Server shipped with WebSphere Servi...

5.9CVSS6.5AI score0.00445EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/05/14 12:8 p.m.•9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly...

7.5CVSS6.4AI score0.00738EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35634