35726 matches found
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Db2 (October 2023 CPU)
Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred here to remedy the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable ISC BIND denial of service vulnerabilities.
Summary Potential ISC BIND denial of service vulnerabilities CVE-2023-50868, CVE-2023-5517 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to less atarbitrary command execution vulnerability [CVE-2024-32487]
Summary Potential less atarbitrary command execution vulnerability CVE-2024-32487 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-32487...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to JSON-java denial of service vulnerability [CVE-2023-5072]
Summary Potential JSON-java denial of service vulnerability CVE-2023-5072 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-5072...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Pallets Jinja cross-site scripting [ CVE-2024-22195]
Summary Potential Pallets Jinja cross-site scripting CVE-2024-22195 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-22195 DESCRIPTION:...
Security Bulletin: IBM watsonx Orchestrate for IBM Cloud Pak for Data affected by vulnerability in OpenSSH CVE-2024-6387
Summary Security Bulletin: IBM watsonx Orchestrate for IBM Cloud Pak for Data affected by vulnerability in OpenSSH CVE-2024-6387. Vulnerability Details CVEID:CVE-2024-6387 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary code on the system, caused by a signal handler race...
Security Bulletin: IBM Storage Ceph is vulnerable to Insufficient Granularity of Access Control in Ceph (CVE-2023-43040)
Summary Ceph RGW is used by IBM Storage Ceph in RGW as part of storage. CVE-2023-43040 This bulletin identifies the steps to take to address the vulnerability in Ceph. Vulnerability Details CVEID:CVE-2023-43040 DESCRIPTION: IBM Spectrum Fusion HCI could allow an attacker to perform unauthorized...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Elastic Elasticsearch denial of service [ CVE-2024-23450]
Summary Potential Elastic Elasticsearch denial of service CVE-2024-23450 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-23450 DESCRIPTION...
Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (June 2024)
Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM TXSeries for Multiplatforms.
Summary Security vulnerabilities may affect IBM shipped with IBM Java TXSeries for Multiplatforms. The version of IBM Java shipped with IBM TXSeries for Multiplatforms has been updated to address the applicable issues. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified...
Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard
Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable issues. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attack...
Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced
Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable issues. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attack...
Security Bulletin: IBM Storage Ceph is vulnerable to a NULL Pointer Dereference in the RHEL UBI (CVE-2023-49083)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-49083. Vulnerability Details CVEID:CVE-2023-49083 DESCRIPTION: Cryptography package for Python is vulnerable to a denial of...
Security Bulletin: IBM Storage Ceph is vulnerable to Command Injection in the RHEL UBI (CVE-2023-50447)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-50447. Vulnerability Details CVEID:CVE-2023-50447 DESCRIPTION: Pillow could allow a remote attacker to execute arbitrary cod...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Input Validation in the RHEL UBI (CVE-2023-27043)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-27043. Vulnerability Details CVEID:CVE-2023-27043 DESCRIPTION: Python could allow a remote attacker to bypass security...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer in the RHEL UBI (CVE-2023-39615)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-39615. Vulnerability Details CVEID:CVE-2023-39615 DESCRIPTION: Xmlsoft Libxml2 is vulnerable to a denial of service, caused ...
Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption in the RHEL UBI (CVE-2023-2650, CVE-2023-3446, CVE-2023-4807)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-2650, CVE-2023-3446, CVE-2023-4807. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial...
Security Bulletin: IBM Storage Ceph is vulnerable to an Out-of-bounds Write in the RHEL UBI (CVE-2024-2961)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-2961. Vulnerability Details CVEID:CVE-2024-2961 DESCRIPTION: GNU C Library is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Output Neutralization for Logs in the RHEL UBI (CVE-2023-28486)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-28486. Vulnerability Details CVEID:CVE-2023-28486 DESCRIPTION: Sudo Project Sudo could allow a remote attacker to obtain...
Security Bulletin: IBM Storage Ceph is vulnerable to a NULL Pointer Dereference in the RHEL UBI (CVE-2024-33600)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33600. Vulnerability Details CVEID:CVE-2024-33600 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a NULL...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Okio GzipSource denial of service vulnerability [ CVE-2023-3635]
Summary Potential Okio GzipSource denial of service vulnerability CVE-2023-3635 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3635...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Dnspython denial of service vulnerability[ CVE-2023-29483]
Summary Potential Dnspython denial of service vulnerability CVE-2023-29483 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-29483...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to joblib arbitrary code execution vulnerability [ CVE-2024-34997]
Summary Potential joblib arbitrary code execution vulnerability CVE-2024-34997 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-34997...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js micromatch module denial of service vulnerability[ CVE-2024-4067]
Summary Potential Node.js micromatch module denial of service vulnerability CVE-2024-4067 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Storage Ceph is vulnerable to an Observable Discrepancy in the RHEL UBI (CVE-2023-5981)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-5981. Vulnerability Details CVEID:CVE-2023-5981 DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to ejs lack of pollution protection vulnerability [ CVE-2024-33883]
Summary Potential ejs aka Embedded JavaScript templates package lack of pollution protection vulnerability CVE-2024-33883 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information...
Security Bulletin: IBM Storage Ceph is vulnerable to an Observable Discrepancy in the RHEL UBI (CVE-2024-0553)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-0553 Vulnerability Details CVEID:CVE-2024-0553 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Link Resolution Before File Access or Time-of-check Time-of-use Race Condition in the RHEL UBI (CVE-2021-35937)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2021-35937 Vulnerability Details CVEID:CVE-2021-35937 DESCRIPTION: RPM Project RPM could allow a local authenticated attacker to...
Security Bulletin: IBM Storage Ceph is vulnerable to CWE in the RHEL UBI (CVE-2023-42465)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-42465 Vulnerability Details CVEID:CVE-2023-42465 DESCRIPTION: Sudo Project Sudo could allow a remote attacker to bypass...
Security Bulletin: IBM MaaS360 Cloud Extender VPN Module affected by vulnerabilities (CVE-2024-4603, CVE-2024--2511)
Summary Vulnerability contained within OpenSSL a 3rd party component was addressed in the IBM MaaS360 VPN Module. Vulnerability Details CVEID:CVE-2024-4603 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper input validation by the EVPPKEYparamcheck or EVPPKEYpubliccheck...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to webpack webpack-dev-middleware directory transversal vulnerability [CVE-2024-29180]
Summary Potential webpack webpack-dev-middleware directory transversal vulnerability CVE-2024-29180have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js follow-redirects module information disclosure vulnerability [ CVE-2024-28849]
Summary Potential Node.js follow-redirects module information disclosure vulnerability CVE-2024-28849 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache Thrift denial of service vulnerability [CVE-2020-13949]
Summary Potential Apache Thrift denial of service vulnerability CVE-2020-13949 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2020-13949...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache Thrift security bypass vulnerability[ CVE-2018-1320]
Summary Potential Apache Thrift security bypass vulnerability CVE-2018-1320 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2018-1320...
Security Bulletin: IBM Storage Ceph is vulnerable to the Exposure of Sensitive Information to an Unauthorized Actor in the RHEL UBI (CVE-2023-45143)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-45143. Vulnerability Details CVEID:CVE-2023-45143 DESCRIPTION: Node.js undici module could allow a remote authenticated...
Security Bulletin: IBM Storage Ceph is vulnerable to CWE in the RHEL UBI (CVE-2023-28487)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-28487. Vulnerability Details CVEID:CVE-2023-28487 DESCRIPTION: Sudo Project Sudo could allow a remote attacker to obtain...
Security Bulletin: IBM Storage Ceph is vulnerable to the Insertion of Sensitive Information Into Sent Data in the RHEL UBI (CVE-2023-46218)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-46218. Vulnerability Details CVEID:CVE-2023-46218 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...
Security Bulletin: IBM Storage Ceph is vulnerable to OS Command Injection in Grafana (CVE-2022-25912, CVE-2022-25860, CVE-2022-25908)
Summary Simple Git is used by IBM Storage Ceph in Grafana for Metrics. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. CVE-2022-25912, CVE-2022-25860, CVE-2022-25908. Vulnerability Details CVEID:CVE-2022-25912 DESCRIPTION: Node.js simple-git module cou...
Security Bulletin: IBM Storage Ceph is vulnerable to the Improper Restriction of Operations within the Bounds of a Memory Buffer in the RHEL UBI (CVE-2023-7104)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-7104. Vulnerability Details CVEID:CVE-2023-7104 DESCRIPTION: SQLite SQLite3 is vulnerable to a heap-based buffer overflow,...
Security Bulletin: IBM Storage Ceph is vulnerable to an Infinite Loop in Grafana (CVE-2024-24786)
Summary Protobuf is used by IBM Storage Ceph in Grafana as part of metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: Protocol Buffers protobuf-go is vulnerable to a denial of service...
Security Bulletin: IBM Storage Ceph is vulnerable to a Path Traversal in Grafana (CVE-2023-49568, CVE-2023-49569)
Summary Go Git is used by IBM Storage Ceph in Grafana for Metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2023-49568, CVE-2023-49569 Vulnerability Details CVEID:CVE-2023-49568 DESCRIPTION: go-git is vulnerable to a denial of service, caused by...
Security Bulletin: IBM Storage Ceph is vulnerable to CWE in the RHEL UBI (CVE-2023-43804)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-43804. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain...
Security Bulletin: IBM Storage Ceph is vulnerable to an Inefficient Regular Expression Complexity in the RHEL UBI (CVE-2022-40897)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2022-40897. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused ...
Security Bulletin: IBM Storage Ceph is vulnerable to a Reachable Assertion in the RHEL UBI (CVE-2024-33601)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33601. Vulnerability Details CVEID:CVE-2024-33601 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memor...
Security Bulletin: IBM Storage Ceph is vulnerable to Buffer Under-read in the RHEL UBI (CVE-2024-25629)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-25629. Vulnerability Details CVEID:CVE-2024-25629 DESCRIPTION: C-ares is vulnerable to a denial of service, caused by an...
Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption in the RHEL UBI (CVE-2022-40898)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2022-40898. Vulnerability Details CVEID:CVE-2022-40898 DESCRIPTION: Python Packaging Authority PyPA Wheel is vulnerable to a deni...
Security Bulletin: IBM Storage Ceph is vulnerable to External Control of File Name or Path in the RHEL UBI (CVE-2023-38546)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-38546. Vulnerability Details CVEID:CVE-2023-38546 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...
Security Bulletin: IBM Storage Ceph is vulnerable to an Improper Check or Handling of Exceptional Conditions in the RHEL UBI (CVE-2024-33602)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33602. Vulnerability Details CVEID:CVE-2024-33602 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memor...
Security Bulletin: IBM Storage Ceph is vulnerable to Inefficient Regular Expression Complexity in the RHEL UBI (CVE-2022-25881)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial...
Security Bulletin: IBM Storage Ceph is vulnerable to an Improper Link Resolution Before File Access ('Link Following') in the RHEL UBI (CVE-2021-35939)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2021-35939. Vulnerability Details CVEID:CVE-2021-35939 DESCRIPTION: RPM Project RPM could allow a local authenticated attacker to...