35598 matches found
Security Bulletin: Multiple security vulnerabilities related to Angular and JJWT have been fixed in IBM Informix HQ 3.2.2.
Summary IBM Informix HQ versions before 3.2.2 are affected by several security flaws in third-party components Angular and JJWT. These vulnerabilities have been fixed in IBM Informix HQ 3.2.2. Vulnerability Details CVEID:CVE-2026-27970 DESCRIPTION: Angular is a development platform for building...
Security Bulletin: Due to the use of Perl, IBM Tivoli Network Manager IP Edition (ITNM) is affected by vulnerable version of Zlib within Perl.
Summary Perl is used by IBM Tivoli Network Manager IP Edition ITNM for core agents processing, collectors and general tooling CVE-2026-4176. Vulnerability Details CVEID:CVE-2026-4176 DESCRIPTION: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9...
Security Bulletin: Multiple Vulnerabilities in Hyper-Converged Database
Summary Multiple vulnerabilities were addressed in Hyper-Converged Database version 1.2.5 Vulnerability Details CVEID:CVE-2024-56433 DESCRIPTION: shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that c...
Security Bulletin: IBM Turbonomic Prometurbo agent used by IBM Turbonomic Application Resource Management is affected by a single vulnerability (CVE-2026-6389)
Summary IBM Turbonomic Prometurbo is an agent used by IBM Turbonomic Application Resource Management to integrate with Prometheus to collect application metrics and send them to Turbonomic for analysis and generation of optimization plans. A security vulnerability has been addressed in the IBM...
Security Bulletin: InfoSphere Data Architect (IDA) is affected by Multiple Vulnerabilities.
Summary Multiple Vulnerabilities found in InfoSphere Data Architect IDA 9.2.0 . The vulnerabilities have been addressed in 9.2.1 version. Hence, IBM strongly recommends upgrading to 9.2.1 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since releas...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.4.1 Vulnerability Details CVEID:CVE-2026-33916 DESCRIPTION: Handlebars provides the power necessary to let users build...
Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub
Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.3.1 Patch 3 Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected...
Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic
Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic. CVE-2025-14505 The vulnerability have been addressed Vulnerability Details CVEID:CVE-2025-14505 DESCRIPTION: The ECDSA implementation of the Elliptic package generates incorrect signatures if a...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Lodash
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Lodash. CVE-2025-13465 The vulnerability have been addressed. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules.
Summary IBM App Connect Enterprise runtime, IBM App Connect Enterprise Connector Discovery and OpenAPI Editor and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to multiple node modules. Vulnerability Details CVEID:CVE-2026-33916 DESCRIPTION:...
Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition (CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007)
Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2026 Critical Patch Update. For more information please refer to Oracle's April 2026 CPU Advisory and the CVE links referenced below. Vulnerability Details...
Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities due to IBM Java and its runtime
Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925 Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service,...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an issue in plexus-utils
Summary There is a vulnerability in plexus-utils used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2025-67030. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability ...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2022-49846, CVE-2025-21759, CVE-2025-21887, CVE-2025-22004, CVE-2025-37799 Vulnerability Details CVEID:CVE-2022-49846 DESCRIPTION: In the Linux kernel, the following...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-53373, CVE-2025-38556, CVE-2025-38614, CVE-2025-39757 Vulnerability Details CVEID:CVE-2023-53373 DESCRIPTION: In the Linux kernel, the following vulnerability has been...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-21966, CVE-2025-37749, CVE-2025-21756 Vulnerability Details CVEID:CVE-2025-21966 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: dm-flake...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-37803, CVE-2025-38392, CVE-2025-39825 Vulnerability Details CVEID:CVE-2025-37803 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: udmabuf:...
Security Bulletin: Vulnerabilities in httpd affects IBM Netezza Appliance
Summary The httpd package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-58098, CVE-2025-65082, CVE-2025-66200 Vulnerability Details CVEID:CVE-2025-58098 DESCRIPTION: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled an...
Security Bulletin: Vulnerability in iperf affects IBM Netezza Appliance
Summary The iperf package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-54349. Vulnerability Details CVEID:CVE-2025-54349 DESCRIPTION: In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-21920, CVE-2025-21926, CVE-2025-21997, CVE-2025-22055, CVE-2025-37785, CVE-2025-37943 Vulnerability Details CVEID:CVE-2025-21920 DESCRIPTION: In the Linux kernel, the...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-68285, CVE-2025-40154, CVE-2025-39697, CVE-2025-37891, CVE-2025-37849, CVE-2025-21795 Vulnerability Details CVEID:CVE-2025-68285 DESCRIPTION: In the Linux kernel, the...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38471, CVE-2025-38250, CVE-2025-38159, CVE-2025-38124, CVE-2024-28956, CVE-2025-21867, CVE-2025-38084, CVE-2025-38085 Vulnerability Details CVEID:CVE-2025-38471...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-53034, CVE-2025-37761, CVE-2025-40318, CVE-2025-40277, CVE-2025-40258, CVE-2025-40251, CVE-2025-38289, CVE-2025-40141, CVE-2025-37869, CVE-2025-37789, CVE-2025-37819...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38472, CVE-2025-38527, CVE-2025-38718, CVE-2025-39682, CVE-2025-39698 Vulnerability Details CVEID:CVE-2025-38472 DESCRIPTION: In the Linux kernel, the following...
Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager
Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.3 Vulnerability Details CVEID:CVE-2026-33228 DESCRIPTION: flatted is a circular JSON parser. Prior to version 3.4.2, the parse function in flatted can use attacker-controlled string values from the parsed JSON as...
Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP15 IF02 Vulnerability Details CVEID:CVE-2025-14831 DESCRIPTION: A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory...
Security Bulletin: Inadequate Pod Communication Restrictions, affects watsonx.data
Summary A security vulnerability has been identified in IBM watsonx.data due to insufficient restrictions on inter-pod communication. This misconfiguration may allow unauthorized data transfer between pods within the environment. Vulnerability Details CVEID:CVE-2025-36180 DESCRIPTION: IBM Lakehou...
Security Bulletin: IBM Guardium Data Protection is affected by a single vulnerability (CVE-2025-5115)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-5115 DESCRIPTION: In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21, =12.1.0.alpha2, an HTTP/2 client may trigger the server to send RSTSTREAM frames, for exampl...
Security Bulletin: IBM Guardium Data Protection is affected by a single vulnerability (CVE-2025-8916)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy...
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a hang or...
Security Bulletin: Enterprise Content Managemant System Monitor for March 2026 - multiple CVEs
Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...
Security Bulletin: vulnerability addressed in IBM Big Replicate LiveData Migrator 3.4
Summary The libraries affected include Aircompressor. Dependency packages are being used by IBM Big Replicate LiveData Migrator. This bulletin describes the upgrades necessary to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-36114 DESCRIPTION: Aircompressor is a library with...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-33750)
Summary IBM Security SOAR uses an older version of the brace-expansion component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-33532)
Summary IBM Security SOAR uses an older version of the YAML component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26007)
Summary IBM Security SOAR uses an older version of the cryptography component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION:...
Security Bulletin: Due to use of spring-web-6.2.16.jar, IBM Sterling Connect:Direct Web Services is affected by stream corruption issue when using Server-Sent Events (SSE).
Summary spring-web-6.2.16.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22735. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events SSE. This issue affects Spring Foundation...
Security Bulletin: Multiple vulnerabilities addressed in IBM Big Replicate LiveData Migrator 3.4
Summary Multiple vulnerabilities addressed in IBM Big Replicate LiveData Migrator 3.4. The libraries affected include tomcat-embed-core-9.0.108.jar Dependency packages are being used by IBM Big Replicate LiveData Migrator. This bulletin describes the upgrades necessary to address the...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38110, CVE-2025-38086, CVE-2025-37958, CVE-2025-37797, CVE-2025-22121, CVE-2025-22113, CVE-2025-22091, CVE-2025-22085, CVE-2025-21905, CVE-2024-57980 Vulnerability Detail...
Security Bulletin: Vulnerability in net-snmp affects IBM Netezza Appliance
Summary The net-snmp package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-68615. Vulnerability Details CVEID:CVE-2025-68615 DESCRIPTION: net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a speciall...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2022-50087, CVE-2025-22026, CVE-2025-38566, CVE-2025-38571, CVE-2025-39817, CVE-2025-39841, CVE-2025-39849 Vulnerability Details CVEID:CVE-2022-50087 DESCRIPTION: In the Linux...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38449, CVE-2025-22097, CVE-2025-38332, CVE-2025-38352 Vulnerability Details CVEID:CVE-2025-38449 DESCRIPTION: In the Linux kernel, the following vulnerability has been...
Security Bulletin: Vulnerability in libsoup affects IBM Netezza Appliance
Summary The libsoup package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-14523 Vulnerability Details CVEID:CVE-2025-14523 DESCRIPTION: A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last...
Security Bulletin: Vulnerabilities in GNU C affects IBM Netezza Appliance
Summary The GNU C package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2026-0915, CVE-2026-0861, CVE-2025-15281 Vulnerability Details CVEID:CVE-2026-0915 DESCRIPTION: Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2024-58002, CVE-2025-38089 Vulnerability Details CVEID:CVE-2024-58002 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove...
Security Bulletin: Vulnerability in glib2 affects IBM Netezza Appliance
Summary The glib2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-13601 Vulnerability Details CVEID:CVE-2025-13601 DESCRIPTION: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the...
Security Bulletin: Vulnerabilities in python affects IBM Netezza Appliance
Summary The python package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-12084, CVE-2025-13836 Vulnerability Details CVEID:CVE-2025-12084 DESCRIPTION: When building nested elements using xml.dom.minidom methods such as appendChild that have a...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-40300, CVE-2025-39849, CVE-2025-39841, CVE-2025-39817, CVE-2025-39718, CVE-2025-38571, CVE-2025-39702, CVE-2025-38566, CVE-2023-53494, CVE-2023-53373, CVE-2022-50367,...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-53125, CVE-2025-37810, CVE-2025-38498, CVE-2025-39694 Vulnerability Details CVEID:CVE-2023-53125 DESCRIPTION: In the Linux kernel, the following vulnerability has been...
Security Bulletin: Vulnerability in gnupg affects IBM Netezza Appliance
Summary The gnupg package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-68973 Vulnerability Details CVEID:CVE-2025-68973 DESCRIPTION: In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-8176, CVE-2025-9900 Vulnerability Details CVEID:CVE-2025-8176 DESCRIPTION: A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This...