35598 matches found
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38087, CVE-2022-49788, CVE-2025-21727, CVE-2025-21928, CVE-2025-21929, CVE-2025-21962, CVE-2025-22020, CVE-2025-37890, CVE-2025-38052 Vulnerability Details...
Security Bulletin: Carbon chart DOMPurify XSS Vulnerabilities (CVE-2025-15599, CVE-2026-0540)
Summary Two cross-site scripting XSS vulnerabilities CVE-2025-15599 and CVE-2026-0540 were identified in the DOMPurify library versions 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8. These vulnerabilities allow attackers to bypass attribute sanitization by exploiting missing rawtext element...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38684, CVE-2025-38500, CVE-2025-38464, CVE-2025-38461, CVE-2025-38350, CVE-2025-38211, CVE-2025-38200, CVE-2025-37823 Vulnerability Details CVEID:CVE-2025-38684...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2026-0719, CVE-2026-1761 Vulnerability Details CVEID:CVE-2026-0719 DESCRIPTION: A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by...
Security Bulletin: Vulnerability in SSSD affects IBM Netezza Appliance
Summary The SSSD package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-11561 Vulnerability Details CVEID:CVE-2025-11561 DESCRIPTION: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-21863, CVE-2025-40248, CVE-2025-68301 Vulnerability Details CVEID:CVE-2025-21863 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: iouring:...
Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance
Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-69421 Vulnerability Details CVEID:CVE-2025-69421 DESCRIPTION: Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-22058, CVE-2025-37914, CVE-2025-38417 Vulnerability Details CVEID:CVE-2025-22058 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: udp: Fix...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-40300, CVE-2025-39849, CVE-2025-39841, CVE-2025-39817, CVE-2025-39718, CVE-2025-38571, CVE-2025-39702, CVE-2025-38566, CVE-2023-53494, CVE-2023-53373, CVE-2022-50367,...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-40251, CVE-2025-40154, CVE-2025-38568 Vulnerability Details CVEID:CVE-2025-40251 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: devlink:...
Security Bulletin: Vulnerability in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-21991 Vulnerability Details CVEID:CVE-2025-21991 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on...
Security Bulletin: Vulnerability in podman affects IBM Netezza Appliance
Summary The podman package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-47913 Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination o...
Security Bulletin: Due to use of plexus-utils-3.5.1.jar, IBM Sterling Connect:Direct Web Services is affected by Directory Traversal issue.
Summary plexus-utils-3.5.1.jar is used by IBM Sterling Connect:Direct Web Services CVE-2025-67030. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before...
Security Bulletin: Due to use of jackson-core-2.19.4.jar, IBM Sterling Connect:Direct Web Services is affected by Denial of Service (DoS) issue.
Summary jackson-core-2.19.4.jar is used by IBM Sterling Connect:Direct Web Services WS-2026-0003. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints...
Security Bulletin: Due to use of jetty-server-12.0.16.jar, IBM Sterling Connect:Direct Web Services is affected by response not compressed issue for corresponding HTTP request, causing the leak.
Summary jetty-server-12.0.16.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-1605. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with...
Security Bulletin: Due to use of IBM SDK, IBM Sterling Connect:Direct Web Services is affected by denial of service.
Summary IBM SDK is used by IBM Sterling Connect:Direct Web Services CVE-2026-21945, CVE-2026-21932, CVE-2026-21933,CVE-2026-21925. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows ...
Security Bulletin: Due to use of spring-security-web-6.5.8.jar, IBM Sterling Connect:Direct Web Services is affected by missing HTTP header in response issue.
Summary spring-security-web-6.5.8.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22732. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP...
Security Bulletin: IBM WebSphere Application Server Liberty is affected by identity spoofing (CVE-2026-3621)
Summary IBM WebSphere Application Server Liberty is affected by identity spoofing when the appSecurity feature appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0 is not enabled on the server. Vulnerability Details CVEID:CVE-2026-3621 DESCRIPTION: IBM WebSphere...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for January 2026
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.0 IF001 Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5...
Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2024-29371, CVE-2025-14923)
Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2024-29371, CVE-2025-14923. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can...
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2026-1272, CVE-2020-16971, CVE-2026-1274)
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-1272 DESCRIPTION: IBM Guardium Data Protection is vulnerable to Security Misconfiguration vulnerability in the user access control panel. CWE:CWE-613: Insufficient Session...
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2026-4917, CVE-2026-4918, CVE-2026-4919)
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-4917 DESCRIPTION: IBM Guardium Data Protection could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL reque...
Security Bulletin: IBM Guardium Data Protection is affected by a spring-security-config-5.8.14.jar vulnerability (CVE-2024-38827)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2024-38827 DESCRIPTION: The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working...
Security Bulletin: IBM Guardium Data Protection is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU vulnerability (CVE-2025-53066, CVE-2025-53057)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js. CVE-2026-32141, CVE-2026-0540, CVE-2026-2327, CVE-2026-27903, CVE-2026-27904. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-3214...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of AsyncHttpClient
Summary Due to use of AsyncHttpClient, DevOps Test Performance and Rational Performance Tester contain a potential vulnerability where Authorization/Proxy-Authorization headers are improperly leaked. Vulnerability Details CVEID:CVE-2026-40490 DESCRIPTION: The AsyncHttpClient AHC library allows Ja...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-27601)
Summary IBM Security SOAR uses an older version of the Underscore.js component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-27601 DESCRIPTION:...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-15599)
Summary IBM Security SOAR uses an older version of the DOMPurify component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2025-15599 DESCRIPTION:...
Security Bulletin: Muliple security vulnerabilities found in IBM CICS TX Standard.
Summary Multiple security vulnerabilities found in IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address multiple vulnerabilities in brotli, gnutls, libssh, openssl, curl, binutils, gnupg2, glib2 packages. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue...
Security Bulletin: Muliple security vulnerabilities found in TXSeries for Multiplatforms.
Summary Multiple security vulnerabilities found in TXSeries for Multiplatforms. An update to TXSeries for Multiplatforms has been released to address multiple vulnerabilities in perl, gnupg2, binutils, curl, openssl, glib2 packages. Vulnerability Details CVEID:CVE-2025-68973 DESCRIPTION: In GnuPG...
Security Bulletin: Rational Test Automation Server is vulnerable to request smuggling using CRLF injection due to netty-codec-http (CVE-2025-67735)
Summary Due to use of netty-codec-http, Rational Test Automation Server and IBM DevOps Test Hub contain a CRLF injection based request smuggling vulnerability CVE-2025-67735. The netty-codec-http java library is used for asynchronous HTTP handling capabilities. Vulnerability Details...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-21883, CVE-2025-21919, CVE-2025-22104, CVE-2025-23150, CVE-2025-37738 Vulnerability Details CVEID:CVE-2025-21883 DESCRIPTION: In the Linux kernel, the following...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-21961, CVE-2025-21963, CVE-2025-21969, CVE-2025-21979, CVE-2025-21999, CVE-2025-22126, CVE-2025-37750 Vulnerability Details CVEID:CVE-2025-21961 DESCRIPTION: In the Linux...
Security Bulletin: Vulnerabilities in libsoup affects IBM Netezza Appliance
Summary The libsoup package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-4945, CVE-2025-11021 Vulnerability Details CVEID:CVE-2025-4945 DESCRIPTION: A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME...
Security Bulletin: Vulnerability in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-38550 Vulnerability Details CVEID:CVE-2025-38550 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in...
Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance
Summary The FreeIPA package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-7493 Vulnerability Details CVEID:CVE-2025-7493 DESCRIPTION: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38079, CVE-2025-38292 Vulnerability Details CVEID:CVE-2025-38079 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix...
Security Bulletin: Vulnerability in SQLite affects IBM Netezza Appliance
Summary The SQLite package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-6965 Vulnerability Details CVEID:CVE-2025-6965 DESCRIPTION: There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed t...
Security Bulletin: Vulnerability in poppler affects IBM Netezza Appliance
Summary The poppler package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-32365 Vulnerability Details CVEID:CVE-2025-32365 DESCRIPTION: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2022-48830, CVE-2022-49024, CVE-2024-36350, CVE-2024-36357, CVE-2024-46689, CVE-2024-46744, CVE-2024-47679, CVE-2024-47727, CVE-2024-49864, CVE-2024-50060, CVE-2024-50195,...
Security Bulletin: Vulnerability in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-12084 Vulnerability Details CVEID:CVE-2025-12084 DESCRIPTION: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-53331, CVE-2025-39718, CVE-2025-39730, CVE-2025-39819 Vulnerability Details CVEID:CVE-2023-53331 DESCRIPTION: In the Linux kernel, the following vulnerability has been...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2022-3424, CVE-2025-21764 Vulnerability Details CVEID:CVE-2022-3424 DESCRIPTION: A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-52355, CVE-2023-52356 Vulnerability Details CVEID:CVE-2023-52355 DESCRIPTION: An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff...
Security Bulletin: Vulnerabilities in libpng affects IBM Netezza Appliance
Summary The libpng package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-64720, CVE-2025-65018, CVE-2025-66293 Vulnerability Details CVEID:CVE-2025-64720 DESCRIPTION: LIBPNG is a reference library for use in applications that read, create, and...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the path-to-regexp library
Summary Due to use of the path-to-regexp library, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2026-4923 DESCRIPTION: Impact: When using multiple wildcards, combined with at...
Security Bulletin: Vulnerability in setuptools affects IBM Netezza Appliance
Summary The setuptools package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-47273 Vulnerability Details CVEID:CVE-2025-47273 DESCRIPTION: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python...
Security Bulletin: Due to use angular-1.8.2.min.js , IBM webMethods Integration Server is affected by multiple vulnerabilities.
Summary Multiple vulnerabilities were addressed in IBM webMethods Integration Server by upgrading the version of the Angular framework. Vulnerability Details CVEID:CVE-2025-0716 DESCRIPTION: Improper sanitization of the value of the 'href' and 'xlink:href' attributes in 'image' SVG elements in...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules.
Summary IBM App Connect Enterprise runtime, IBM App Connect Enterprise Connector Discovery and OpenAPI Editor and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to multiple node modules. Vulnerability Details CVEID:CVE-2026-33036 DESCRIPTION:...
Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Liberty shipped with IBM Copy Services manager (CVE-2025-7962)
Summary WebSphere Application Server Liberty is shipped with IBM Copy Services Manager. Information about a security vulnerability affecting WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2...