Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in October 2023. These issues are also addressed by WebSphere Application Server shipped with WebSphere.....
5.9CVSS
7.4AI Score
0.001EPSS
Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise...
7.4CVSS
7AI Score
0.002EPSS
Summary Websphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section....
6.8AI Score
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues, CVE-2023-22045 and CVE-2023-22049. Vulnerability Details CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE...
3.7CVSS
6.4AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM System Networking Switch Center (SNSC). These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An...
5.3CVSS
1.4AI Score
0.004EPSS
Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...
8.8CVSS
6.7AI Score
0.001EPSS
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remote host, those...
9.8CVSS
7AI Score
0.002EPSS
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to a remote attacker causing a low integrity impact due to an unspecified vulnerability in the libraries component as described in the vulnerability details section. The vulnerability is fixed....
3.7CVSS
6.4AI Score
0.001EPSS
Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager (SKLM/GKLM). Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins mentioned below. Vulnerability Details Refer to the security bulletin(s) listed in the...
7.5CVSS
7.2AI Score
0.001EPSS
Intel® PROSet/Wireless WiFi and Killer™ WiFi August 2023 Security Update
Intel has informed HP of potential vulnerabilities identified in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products, which might allow escalation of privilege or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has...
8.2CVSS
7.3AI Score
0.0005EPSS
Intel Connectivity Performance Suite November 2023 Security Update
Intel has informed HP of a potential security vulnerability in the Intel® Connectivity Performance Suite software for some Intel® Wireless Products, which might allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates...
7.5CVSS
6.8AI Score
0.001EPSS
Intel Chipset Device Software November 2023 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Chipset Device Software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
7.2AI Score
0.0004EPSS
Intel Extreme Tuning Utility (XTU) November 2023 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility (XTU) software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential...
7.8CVSS
7.2AI Score
0.0004EPSS
AMD Ryzen Master™ SDK August 2023 Security Update
AMD has informed HP of potential security vulnerabilities identified in the AMD® Ryzen Master™ SDK, which might allow arbitrary code execution, denial of service, or information disclosure. AMD has released software updates to mitigate the potential vulnerabilities. AMD has released updates to...
6.7CVSS
7.5AI Score
0.0004EPSS
Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year
Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1...
7.1AI Score
Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year
Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1...
7.2AI Score
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
5.9CVSS
7.5AI Score
0.001EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
3.7CVSS
5.6AI Score
0.001EPSS
New Microsoft Purview features use AI to help secure and govern all your data
In the past few years, we have witnessed how digital and cloud transformation has accelerated the growth of data. With more and more customers moving to the cloud, and with the rise of hybrid work, data usage has moved beyond the traditional borders of business. Data is now stored in multiple...
6.6AI Score
Summary There are vulnerabilities in IBM® Java™ Version 8, IBM WebSphere Application Server Liberty and IBM® Global Security Kit (GSKit) used by IBM Planning Analytics and IBM Planning Analytics Workspace. IBM Planning Analytics 2.0.9.19 and IBM Planning Analytics Workspace 2.0.91 have addressed...
9.8CVSS
9.5AI Score
0.034EPSS
Summary All applicable Java SE CVEs published by Oracle as part of their April 2023 Critical Patch Update plus CVE-2023-2597. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: ELM Installer, IBM Engineering Lifecycle...
9.1CVSS
6.5AI Score
0.001EPSS
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use...
10AI Score
Summary IBM® Runtime Environment Java™ Version 8.0.7.0 through 8.0.7.11 used by IBM® Db2® is vulnerable to information disclosure. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or Java version 8.0.8.6 or higher...
7.5CVSS
9.1AI Score
0.002EPSS
Summary Netty is used by IBM® MobileFirst Platform. CVE-2023-34462 Vulnerability Details CVEID: CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel during the TLS handshake the SniHandler class. By...
6.5CVSS
6.5AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or installed GSKit version 8.0.55.31, which contains the.....
7.5CVSS
6AI Score
0.001EPSS
TIBCO Security Advisory: November 14, 2023 - TIBCO EBX - CVE-2023-26222
TIBCO EBX Cross-site Scripting (XSS) Vulnerability Original release date: November 14, 2023 Last revised: — CVE-2023-26222 Source: TIBCO Software Inc. Products Affected TIBCO EBX versions 5.9.22 and below TIBCO EBX versions 6.0.13 and below TIBCO Product and Service Catalog powered by TIBCO EBX...
5.4CVSS
5.6AI Score
0.0004EPSS
TIBCO Security Advisory: November 14, 2023 - TIBCO EBX - CVE-2023-26222
TIBCO EBX Cross-site Scripting (XSS) Vulnerability Original release date: November 14, 2023 Last revised: — CVE-2023-26222 Source: TIBCO Software Inc. Products Affected TIBCO EBX versions 5.9.22 and below TIBCO EBX versions 6.0.13 and below TIBCO Product and Service Catalog powered by TIBCO EBX...
5.4CVSS
5.7AI Score
0.0004EPSS
TIBCO Security Advisory: November 14, 2023 - TIBCO EBX - CVE-2023-26222
TIBCO EBX Cross-site Scripting (XSS) Vulnerability Original release date: November 14, 2023 Last revised: — CVE-2023-26222 Source: TIBCO Software Inc. Products Affected TIBCO EBX versions 5.9.22 and below TIBCO EBX versions 6.0.13 and below TIBCO Product and Service Catalog powered by TIBCO EBX...
8.7CVSS
5.6AI Score
0.0004EPSS
HERNDON, VA., Nov. 28, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, announced a strategic partnership with ICS Arabia, a front-runner in the development of Smart Cities and Digital Infrastructure in the Kingdom of Saudi Arabia and the Middle East. This partnership heralds a...
7.2AI Score
Malwarebytes consumer product roundup: The latest
At Malwarebytes, we’re constantly evolving to protect our customers. These days, our products don’t just protect you from malware, we protect your identity, defend you from ads, safeguard your social media, and keep your mobile safe too. Here are the innovations we’ve made in our products...
7.3AI Score
Summary: A potential security vulnerability in the Intel® QuickAssist Technology (QAT) software for Linux may allow escalation of privilege and denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-32641...
7.6AI Score
0.001EPSS
Summary: A potential security vulnerability in some Intel® Data Center Manager (DCM) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-31273 Description: Protection mechanism failure in...
7.5AI Score
0.001EPSS
Summary: Potential security vulnerabilities in some Intel® QuickAssist Technology (QAT) software may allow information disclosure or escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-28741 Description:...
7.6AI Score
0.0004EPSS
Summary: A potential security vulnerability in some Intel® Extreme Tuning Utility (XTU) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-34350 Description: Uncontrolled search path...
7.2AI Score
0.0004EPSS
Summary: A potential security vulnerability in some Intel® Field Programmable Gate Array (FPGA) products may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-22327 Description: Out-of-bounds write...
6.4AI Score
0.0004EPSS
Summary: Potential security vulnerabilities in some Intel® NUC BIOS firmware may allow escalation of privilege or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-34301(Non-Intel issued) Description:...
7.6AI Score
0.001EPSS
Intel® Graphics Drivers Advisory
Summary: Potential security vulnerabilities in some Intel® Graphics drivers may allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-29165 Description:...
7.5AI Score
0.0004EPSS
Summary: Potential security vulnerabilities in some Intel® NUC Software may allow escalation of privilege, denial of service, and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-28737...
8.7AI Score
EPSS
Summary: Potential security vulnerabilities in some Intel® One Boot Flash Update (OFU) software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-32204 Description: Improper access control in...
7.6AI Score
0.0004EPSS
Security Bulletin: IBM® Db2® is vulnerable to insufficient audit logging. (CVE-2023-23487)
Summary IBM® Db2® is vulnerable to insufficient audit logging. Vulnerability Details CVEID: CVE-2023-23487 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to insufficient audit logging. CVSS Base score: 4.3 CVSS Temporal Score: See: ...
4.3CVSS
6AI Score
0.001EPSS
2023.4 IPU - Intel® Processor Advisory
Summary: A potential security vulnerability in some Intel® Processors may allow escalation of privilege and/or information disclosure and/or denial of service via local access. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID:...
7.2AI Score
0.0004EPSS
Intel® Support Android App Advisory
Summary: A potential security vulnerability in the Intel® Support android application may allow information disclosure. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® Support android application. Vulnerability.....
6.3AI Score
0.0004EPSS
Intel® OpenVINO™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® OpenVINO™ software may allow denial of service, information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25080 Description: Protection mechanism...
7.3AI Score
0.001EPSS
Intel® Unison™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® Unison™ software may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-36860 Description:...
7.9AI Score
0.001EPSS
Intel® Simics Simulator Software Advisory
Summary: A potential security vulnerability in some Intel® Simics Simulator software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-34314 Description: Insecure inherited permissions in some...
7.2AI Score
0.0004EPSS
Intel® Chipset Device Software Advisory
Summary: A potential security vulnerability in some Intel® Chipset Device Software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28388 Description: Uncontrolled search path element in some...
7.2AI Score
0.0004EPSS
Intel® Optane™ SSD and Intel® Optane™ SSD DC Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Optane™ SSD and some Intel® Optane™ SSD DC products may allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details:...
7.8AI Score
0.001EPSS
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian...
9.8CVSS
10AI Score
0.97EPSS
Intel® Smart Campus Android App Advisory
Summary: A potential security vulnerability in the Intel® Smart Campus android application may allow denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® Smart Campus android application. ...
7.2AI Score
0.0004EPSS