Lucene search
K

35596 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/17 5:13 a.m.•10 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in axios (CVE-2026-39865, CVE-2025-62718, CVE-2026-25639, CVE-2026-40175)

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in axios CVE-2026-39865, CVE-2025-62718, CVE-2026-25639, CVE-2026-40175. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-39865 DESCRIPTION: Axios is a promise based...

9.9CVSS5.7AI score0.02591EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:34 p.m.•7 views

Security Bulletin: Multiple Vulnerabilities in IBM Aspera Faspex

Summary Multiple Vulnerabilities were addressed in IBM Aspera Faspex 5.0.15.1 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking...

9.9CVSS7.3AI score0.01815EPSS
Exploits6Affected Software6
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:21 p.m.•7 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Console

Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.10 Vulnerability Details CVEID:CVE-2026-26961 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from...

7.5CVSS5.8AI score0.0043EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 9:24 p.m.•12 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator

Summary Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.4 Vulnerability Details CVEID:CVE-2026-33173 DESCRIPTION: Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController...

9.8CVSS5.8AI score0.00838EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 6:58 p.m.•6 views

Security Bulletin: Go-getter may allow to arbitrary filesystem reads through git operations

Summary HashiCorp’s go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and...

7.5CVSS5.8AI score0.00583EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:54 p.m.•7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in filelock-3.12.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in filelock-3.12.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allo...

6.5CVSS5.9AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:53 p.m.•5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.125.Final.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.125.Final.jar Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.8.Final, the...

6.5CVSS5.8AI score0.00292EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:52 p.m.•8 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in lz4-java-1.8.0.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in lz4-java-1.8.0.jar Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via...

8.8CVSS6AI score0.00647EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:52 p.m.•5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-geo-7.17.13.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-geo-7.17.13.jar Vulnerability Details CVEID:CVE-2024-52981 DESCRIPTION: An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection...

7.5CVSS5.8AI score0.00511EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:51 p.m.•7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar Vulnerability Details CVEID:CVE-2023-46673 DESCRIPTION: It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling...

7.5CVSS5.8AI score0.00943EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:49 p.m.•3 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in urllib3-1.26.20-py2.py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in urllib3-1.26.20-py2.py3-none-any.whl Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by...

8.9CVSS5.8AI score0.02667EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:48 p.m.•5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in WebSphere Application Server Liberty

Summary IBM Watson Discovery Cartridge affected by vulnerability in WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by...

5.4CVSS5.7AI score0.00139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:47 p.m.•5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar Vulnerability Details CVEID:CVE-2024-52979 DESCRIPTION: Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial...

7.5CVSS5.8AI score0.00522EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:46 p.m.•5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar Vulnerability Details CVEID:CVE-2024-52979 DESCRIPTION: Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial...

7.5CVSS5.8AI score0.00522EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 5:4 p.m.•7 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper (CVE-2025-58457)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and resto...

4.3CVSS5.8AI score0.00294EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 4:50 p.m.•4 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic (CVE-2025-36122)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to AUTOMATIClimit. Vulnerability Details CVEID:CVE-2025-36122 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial...

6.5CVSS5.8AI score0.00245EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 3:15 p.m.•4 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 3:15 p.m.•5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of React Router

Summary Due to use of React Router, DevOps Test Performance and Rational Performance Tester contain a Open Redirect vulnerability, potentially enabling phishing or credential theft. Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 throu...

6.5CVSS5.7AI score0.00198EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 3:15 p.m.•5 views

Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 3:12 p.m.•6 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to the use of Netty

Summary Due to the use of Netty, DevOps Test Performance and Rational Performance Tester contain a potential CRLF injection vulnerability. Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Fin...

6.5CVSS5.8AI score0.00292EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 3:5 p.m.•5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the glob npm package

Summary Due to use of the glob npm package, DevOps Test Performance and Rational Performance Tester contain a potential command injection vulnerability. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior t...

7.5CVSS6.4AI score0.03026EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 2:52 p.m.•8 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper (CVE-2025-58457)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and resto...

4.3CVSS7.1AI score0.00294EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 2:47 p.m.•8 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Connect2id Nimbus JOSE + JWT library

Summary Due to use of the Connect2id Nimbus JOSE + JWT library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x...

5.8CVSS5.9AI score0.00806EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 2:43 p.m.•4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the npm semver package

Summary Due to use of the npm semver package, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Versions of the package semver before 7.5.2 are vulnerable to...

7.5CVSS5.8AI score0.02761EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 2:40 p.m.•8 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use os qOS.ch Logback-core

Summary Due to use of qOS.ch Logback-core, DevOps Test Performance and Rational Performance Tester contain a potential Remote Code Execution RCE vulnerability. Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.CH...

7CVSS6.3AI score0.00181EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 2:27 p.m.•5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Node.js on-headers middleware

Summary Due to use of the Node.js on-headers middleware, DevOps Test Performance and Rational Performance Tester contain an Improper Handling of Unexpected Data Type vulnerability, potentially enabling header manipulation. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a...

3.4CVSS5.8AI score0.00174EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 1:52 p.m.•7 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Summary IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes vulnerablity fix for Java SE related to the JAXP component and Security component CVE-2026-21925 CVSS 4.8,CVE-2026-21932 CVSS 7.4,CVE-2026-21933 CVSS 6.1 and CVE-2026-21945 CVSS 7.5 Vulnerability Details...

7.5CVSS5.8AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 1:14 p.m.•11 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool...

7.1CVSS6.3AI score0.00311EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 1:8 p.m.•9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727.

Summary IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-27727 DESCRIPTION:...

9.8CVSS6.1AI score0.00812EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 1:7 p.m.•9 views

Security Bulletin: IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312.

Summary IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25673...

8.5CVSS5.8AI score0.00993EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 1:4 p.m.•6 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package...

8.2CVSS5.8AI score0.00341EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 12:23 p.m.•9 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock is a...

5.3CVSS5.7AI score0.00115EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 12:21 p.m.•6 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly...

8.9CVSS5.9AI score0.02667EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 12:20 p.m.•8 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a...

6.5CVSS5.9AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 12:19 p.m.•9 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly...

8.9CVSS5.9AI score0.00633EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 12:12 p.m.•12 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Processing

Summary Multiple vulnerabilities were addressed in IBM Event Processing 1.5.0 Vulnerability Details CVEID:CVE-2026-1002 DESCRIPTION: The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. Th...

9.2CVSS5.9AI score0.02591EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:54 a.m.•7 views

Security Bulletin: Vulnerability in platform-python affects IBM Netezza Appliance

Summary The platform-python package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-13836 Vulnerability Details CVEID:CVE-2025-13836 DESCRIPTION: When reading an HTTP response from a server, if no read amount is specified, the default behavior wi...

7.5CVSS5.8AI score0.01525EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:47 a.m.•6 views

Security Bulletin: Vulnerability in iperf affects IBM Netezza Appliance

Summary The iperf package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-54349 Vulnerability Details CVEID:CVE-2025-54349 DESCRIPTION: In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow...

10CVSS6.1AI score0.00381EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:40 a.m.•6 views

Security Bulletin: Vulnerabilities in urllib3 affects IBM Netezza Appliance

Summary The urllib3 library is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-66418 & CVE-2025-66471 Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and pri...

8.9CVSS6AI score0.00633EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:32 a.m.•10 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can...

7.5CVSS5.8AI score0.01744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:17 a.m.•10 views

Security Bulletin: Vulnerability in brotli affects IBM Netezza Appliance

Summary The brotli package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-6176 Vulnerability Details CVEID:CVE-2025-6176 DESCRIPTION: Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli...

7.5CVSS5.8AI score0.00509EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:13 a.m.•8 views

Security Bulletin: Vulnerabilities in poppler affects IBM Netezza Appliance

Summary The poppler package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-32365, CVE-2022-38784, CVE-2020-36024 Vulnerability Details CVEID:CVE-2025-32365 DESCRIPTION: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds...

7.8CVSS6.2AI score0.00574EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:9 a.m.•8 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoriong operands are vulnerable to cross-site scripting (GHSA-h8r8-wccr-v5f2, GHSA-cjmm-f4jc-qw8r) and prototype polution (GHSA-cj63-jhhr-wcxv)

Summary Node.js module dompurify is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to cross-site scripting GHSA-h8r8-wccr-v5f2, GHSA-cjmm-f4jc-qw8r and prototype polution GHSA-cj63-jhhr-wcxv. This...

5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:6 a.m.•7 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-69419 Vulnerability Details CVEID:CVE-2025-69419 DESCRIPTION: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString...

7.4CVSS6AI score0.00444EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 11:2 a.m.•7 views

Security Bulletin: Vulnerabilities in cups affects IBM Netezza Appliance

Summary The cups package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-58436, CVE-2025-61915 Vulnerability Details CVEID:CVE-2025-58436 DESCRIPTION: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating...

6.7CVSS5.8AI score0.00409EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:57 a.m.•10 views

Security Bulletin: Vulnerability in curl affects IBM Netezza Appliance

Summary The curl package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9086 Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to...

7.5CVSS5.8AI score0.01301EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:52 a.m.•10 views

Security Bulletin: Vulnerability in curl affects IBM Netezza Appliance

Summary The curl package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2023-27534 Vulnerability Details CVEID:CVE-2023-27534 DESCRIPTION: A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongl...

8.8CVSS6.1AI score0.02195EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:46 a.m.•9 views

Security Bulletin: Vulnerability in pytest affects IBM Netezza Appliance

Summary The pytest package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-71176 Vulnerability Details CVEID:CVE-2025-71176 DESCRIPTION: pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows...

6.8CVSS5.8AI score0.0014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 10:33 a.m.•6 views

Security Bulletin: Vulnerability in Werkzeug affects IBM Netezza Appliance

Summary The Werkzeug package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2026-21860 Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin...

6.3CVSS5.8AI score0.00424EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/04/16 9:34 a.m.•6 views

Security Bulletin: Vulnerability in wheel affects IBM Netezza Appliance

Summary The wheel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2026-24049 Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0...

7.1CVSS6.4AI score0.00311EPSS
Exploits2Affected Software1
Total number of security vulnerabilities35596