Lucene search
K

35715 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 6:8 p.m.•13 views

Security Bulletin: Vulnerability in linux affects IBM Integrated Analytics System [CVE-2024-27060]

Summary Redhat provided linux is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-27060 Vulnerability Details CVEID:CVE-2024-27060 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a null pointer dereference...

5.5CVSS5.9AI score0.00225EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 6:2 p.m.•26 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2024-6119]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-6119 Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing...

7.5CVSS7.3AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 5:51 p.m.•15 views

Security Bulletin: Vulnerability in linux affects IBM Integrated Analytics System [CVE-2024-27050]

Summary Redhat provided linux is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-27050 Vulnerability Details CVEID:CVE-2024-27050 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by not using OPTSSET macro in...

5.5CVSS6.2AI score0.00272EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 5:39 p.m.•26 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2023-6129]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-6129 Vulnerability Details CVEID:CVE-2023-6129 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the POLY1305 MAC...

6.5CVSS6.9AI score0.02323EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 4:34 p.m.•24 views

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Integrated Analytics System [CVE-2023-26553]

Summary Redhat provided Network Time Protocol NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-26553 Vulnerability Details CVEID:CVE-2023-26553 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bound...

5.6CVSS9.3AI score0.00703EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 4:23 p.m.•17 views

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Integrated Analytics System [CVE-2023-26551]

Summary Redhat provided Network Time Protocol NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-26551 Vulnerability Details CVEID:CVE-2023-26551 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bound...

5.6CVSS9.3AI score0.0067EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 4:17 p.m.•17 views

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Integrated Analytics System [CVE-2023-26554]

Summary Redhat provided Network Time Protocol NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-26554 Vulnerability Details CVEID:CVE-2023-26554 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bound...

5.6CVSS9.3AI score0.00645EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 4:9 p.m.•19 views

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Integrated Analytics System [CVE-2023-26552]

Summary Redhat provided Network Time Protocol NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-26552 Vulnerability Details CVEID:CVE-2023-26552 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bound...

5.6CVSS9.3AI score0.00645EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 3:57 p.m.•19 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2023-5156]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-5156 Vulnerability Details CVEID:CVE-2023-5156 DESCRIPTION: GNU C Library glibc is vulnerable to a denial of service, caused by a memory leak in...

7.5CVSS8.1AI score0.01338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 3:50 p.m.•20 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [ CVE-2023-4806]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-4806 Vulnerability Details CVEID:CVE-2023-4806 DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by a use-after-free flaw in the...

5.9CVSS8.4AI score0.01439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 3:40 p.m.•24 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [ CVE-2023-4813]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-4813 Vulnerability Details CVEID:CVE-2023-4813 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a use-after-free flaw in the gaihin...

5.9CVSS8.6AI score0.01655EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 2:57 p.m.•19 views

Security Bulletin: Vulnerability in libxml2 affects IBM Integrated Analytics System [ CVE-2023-39615]

Summary Redhat provided libxml2 is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-39615 Vulnerability Details CVEID:CVE-2023-39615 DESCRIPTION: Xmlsoft Libxml2 is vulnerable to a denial of service, caused by a global buffer...

6.5CVSS7AI score0.00667EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 2:44 p.m.•18 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2022-3358]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-3358 Vulnerability Details CVEID:CVE-2022-3358 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the...

7.5CVSS7.7AI score0.02846EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 2:16 p.m.•17 views

Security Bulletin: Vulnerability in libxml2 affects IBM Integrated Analytics System [CVE-2022-23308]

Summary Redhat provided libxml2 is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-23308 Vulnerability Details CVEID:CVE-2022-23308 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a use-after-free in the ID an...

7.5CVSS9.3AI score0.0601EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 2:5 p.m.•24 views

Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System [CVE-2021-25219]

Summary Redhat provided BIND is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2021-25219 Vulnerability Details CVEID:CVE-2021-25219 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a flaw in response processing. ...

5.3CVSS5.6AI score0.08001EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 1:35 p.m.•26 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 281 Vulnerability Details CVEID:CVE-2023-38545 DESCRIPTION: libcurl and cURL are vulnerable to a heap-based buffer overflow, caused by the improper handling of hostnames...

9.8CVSS9.8AI score0.91969EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 1:32 p.m.•22 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [ CVE-2021-33574]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2021-33574 Vulnerability Details CVEID:CVE-2021-33574 DESCRIPTION: GNU C Library aka glibc is vulnerable to a denial of service, caused by a use-after-fre...

9.8CVSS9.3AI score0.02898EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 1:10 p.m.•20 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2020-27618]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2020-27618 Vulnerability Details CVEID:CVE-2020-27618 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a denial of service, caused by an err...

5.5CVSS7AI score0.00887EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 12:16 p.m.•31 views

Security Bulletin: IBM App Connect Enterprise are vulnerable to a denial of service due to node.js expressjs body-parser module. (CVE-2024-45590)

Summary IBM App Connect Enterprise are vulnerable to a denial of service due to node.js expressjs body-parser module. CVE-2024-45590. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerabl...

7.5CVSS7.9AI score0.00824EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 11:43 a.m.•34 views

Security Bulletin: The Discovery Connector nodes in IBM App Connect Enterprise are vulnerable to a denial of service due to node.js micromatch module (CVE-2024-4067).

Summary The Discovery Connector nodes in IBM App Connect Enterprise are vulnerable to a denial of service due to node.js micromatch module CVE-2024-4067. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-4067 DESCRIPTION: Node.js...

5.3CVSS6.2AI score0.01429EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/26 8:39 a.m.•25 views

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689

Summary IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689 Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of...

7.5CVSS7.3AI score0.01049EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 8:37 p.m.•13 views

Security Bulletin: IBM Cognos Command Center has addressed vulnerabilites

Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF3 has addressed the applicable CVEs by upgrading to IBM® Semeru Java™ Version 11.0.24.0. Additionally, IBM Cognos Command Center has addressed a vulnerability th...

7.3CVSS6.7AI score0.01276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:9 p.m.•45 views

Security Bulletin: Vulnerability in Python affects IBM watsonx.data

Summary Requests have been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify...

6.1CVSS7.2AI score0.02782EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:7 p.m.•28 views

Security Bulletin: Vulnerabilities in gRPC affect watsonx.data

Summary gRPC is vulnerable to a denial of service attack as well as possibly allowing a remote attack to obtain sensitive information. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-1428 DESCRIPTION: gRPC is vulnerable to a denial of service. By sending a specially crafted...

7.5CVSS7.7AI score0.00502EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:7 p.m.•48 views

Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data

Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...

8.8CVSS8.5AI score0.05106EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:6 p.m.•40 views

Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data

Summary Netty is vulnerable to HTTP request smuggling and weaker than expected security. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...

9.1CVSS9.1AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:6 p.m.•45 views

Security Bulletin: Vulnerabilities in FasterXML jackson-databind and other packages affect IBM watsonx.data

Summary FasterXML jackson-databind, multiple Huawei products, multiple Oracle products, Guava, Google Protocol Buffers, protobuf-core, Netty, JetBrains Kotlin, netplex JSON Smart, Jettison, Eclipse Jetty, SnakeYaml and Perl have vulnerabilities that can affect watsonx.data. Vulnerability Details...

10CVSS10AI score0.49727EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:5 p.m.•20 views

Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:5 p.m.•24 views

Security Bulletin: Vulnerability in Jettison affects IBM watsonx.data

Summary Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker could exploit this vulnerability to cause a denial of service. This can affect...

7.5CVSS8.3AI score0.01009EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:4 p.m.•29 views

Security Bulletin: Vulnerabilities in Logback, Guava and Apache HTTPClient affect IBM watsonx.data

Summary Logback, Guava and Apache HTTPClient have vulnerabilties that can affect watsonx.data. These vulnerabilities include remote attacks to bypass security restrictions and remote authenticated attacker to execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2021-42550...

8.5CVSS8.2AI score0.08665EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:3 p.m.•31 views

Security Bulletin: Vulnerability in Eclipse Jetty affects IBM watsonx.data

Summary Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and buffer allocation in MetaDataBuilder.checkSize. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...

7.5CVSS8.3AI score0.03754EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:3 p.m.•21 views

Security Bulletin: Vulnerability in Google Guava affects IBM watsonx.data

Summary Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory for file creation in FileBackedOutputStream. By sending a specially crafted request, an attacker could exploit this vulnerability to acce...

7.1CVSS6.7AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:3 p.m.•40 views

Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to a denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...

7.5CVSS7.7AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:2 p.m.•43 views

Security Bulletin: Vulnerability in RabbitMQ Java Client affects IBM watsonx.data

Summary RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLebgth. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a memory overflow, and results in a denial of service condition. This can affect...

7.5CVSS7.8AI score0.01061EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:2 p.m.•22 views

Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data

Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:1 p.m.•41 views

Security Bulletin: Vulnerabilities in netplex JSON Smart affect watsonx.data

Summary Netplex JSON Smart is vulnerable to a denial of service, caused by either a flaw in the indexOf function of JSONParserByteArray or by not limiting the nesting of arrays or objects. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is...

7.5CVSS8.3AI score0.023EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:0 p.m.•29 views

Security Bulletin: Vulnerability in Guava affects IBM watsonx.data

Summary Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access...

3.3CVSS6.3AI score0.00964EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 7:0 p.m.•21 views

Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data

Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...

7.5CVSS7.4AI score0.01077EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:59 p.m.•23 views

Security Bulletin: Vulnerability in pytest-dev py affects IBM watsonx.data

Summary pytest-dev py is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw by the InfoSvnCommand argument. By sending a specially-crafted regex info data, a remote attacker could exploit this vulnerability to cause a denial of service condition. This c...

7.5CVSS7.8AI score0.01546EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:58 p.m.•27 views

Security Bulletin: Vulnerability in Apache Solr affects IBM watsonx.data

Summary Apache Solr could allow a remote attacker to bypass security restrictions, caused by improper access control by the Configsets API. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. This vulnerability can be exploited when...

9.8CVSS6.4AI score0.78874EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:57 p.m.•26 views

Security Bulletin: Vulnerability in Google Guava affects IBM watsonx.data

Summary Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory for file creation in FileBackedOutputStream. By sending a specially crafted request, an attacker could exploit this vulnerability to acce...

7.1CVSS6.7AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:56 p.m.•22 views

Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...

7.5CVSS7.7AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:55 p.m.•27 views

Security Bulletin: Vulnerability in Protobuf-core affects IBM watsonx.data

Summary Protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for Message-Type Extensions. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to cause lo...

7.5CVSS8.2AI score0.00483EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:55 p.m.•45 views

Security Bulletin: Vulnerabilities in Netty affect watsonx.data

Summary Netty has multiple vulnerabilities such as HTTP request smuggling, weaker than expected security, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the...

9.1CVSS9AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:54 p.m.•26 views

Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data

Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:54 p.m.•17 views

Security Bulletin: Vulnerability in Node.js affects IBM watsonx.data

Summary Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage of credentials when clearing authorization header during cross-domain redirect, but keeping the proxy-authentication header. An attacker could exploit this...

6.5CVSS6.7AI score0.01044EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:53 p.m.•39 views

Security Bulletin: Vulnerabilities in Jettison affect IBM watsonx.data

Summary Jettison is vulerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-40150 DESCRIPTION: jettison-json Jettison is vulnerable to a denial of service, caused by an out of memory flaw. By sending a specially-crafted XML or JSON data, a remote...

7.5CVSS8.6AI score0.01395EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:52 p.m.•22 views

Security Bulletin: Vulnerability in PyArrow Affects IBM watsonx.data

Summary PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system. This can affect IBM watsonx.data Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...

9.8CVSS9.6AI score0.14414EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:52 p.m.•35 views

Security Bulletin: Vulnerability in Oracle MySQL Connectors Affects IBM watsonx.data

Summary An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause high confidentiality, integrity and availability impacts. This can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2023-22102 DESCRIPTION: An...

8.3CVSS8.2AI score0.00872EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/25 6:50 p.m.•34 views

Security Bulletin: Vulnerabilityies in Google Guava affect IBM watsonx.data

Summary Google Guava has vulnerabilities that could allow a local authenticated attacker to obtain sensitive information, allow a remote authenticated attacker to bypass security restrictions and be vulnerable to demial of service attacks. This can affect watsonx.data. Vulnerability Details...

7.1CVSS7.9AI score0.05119EPSS
Exploits1Affected Software1
Total number of security vulnerabilities35715