High Severity

IBM Security Bulletin: IBM Domino server IMAP EXAMINE command stack buffer overflow (CVE-2017-1274)

A vulnerability in the IBM Domino server IMAP EXAMINE command potentially could be exploited by an authenticated user resulting in a stack buffer overflow. This could allow a remote attacker to execute code with the privileges of the Domino server. Current 64-bit platforms leverage ASLR (Address Space Layout Randomization) which dramatically reduces the probability of […]

Apache Struts Jakarta Multi-part Parser Code Execution (CVE-2017-5638)

On March 6, 2017 a vulnerability in the Apache Struts Jakarta Multi-part parser code execution was reported by Apache. IBM is analyzing its products to determine which ones may be affected by this vulnerability. Affected IBM products will be issuing mitigations and/or fixes as soon as possible. Please actively monitor both your IBM Support Portal […]

IBM Security Bulletin: A vulnerability in libsoup affects PowerKVM

Oct 20, 2017 10:02 am EDT | High Severity

PowerKVM is affected by a vulnerability in libsoup. IBM has now addressed this vulnerability. CVE(s): CVE-2017-2885 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025834X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130196 ...read more


IBM Security Bulletin: Vulnerabilities in Apache HTTPD affect PowerKVM

Oct 20, 2017 10:02 am EDT | Medium Severity

PowerKVM is affected by vulnerabilities in Apache HTTPD. IBM has now addressed these vulnerabilities. CVE(s): CVE-2017-9788, CVE-2017-7679, CVE-2017-7668, CVE-2017-3169, CVE-2017-3167 Affected product(s) and affected version(s): PowerKVM 2.1 and 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025773X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128482X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127420X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127419X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127417X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127416 ...read more


IBM Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2017-1583, CVE-2011-4343)

Oct 20, 2017 10:02 am EDT | Medium Severity

There is a potential infomation disclosure vulnerability that affects the Java Server Faces (JSF) component used by WebSphere Application Server. There is a potential infomation disclosure vulnerability that affects the MyFaces component used by JSF in WebSphere Application Server. CVE(s): CVE-2017-1583, CVE-2011-4343 Affected product(s) and affected version(s): This vulnerability affects all versions of Liberty for ...read more


IBM Security Bulletin: Vulnerabilities in MariaDB affect PowerKVM

Oct 20, 2017 10:02 am EDT | High Severity

PowerKVM is affected by vulnerabilities in MariaDB. IBM has now addressed these vulnerabilities. CVE(s): CVE-2017-3600, CVE-2017-3464, CVE-2017-3456, CVE-2017-3453, CVE-2017-3318, CVE-2017-3317, CVE-2017-3313, CVE-2017-3312, CVE-2017-3309, CVE-2017-3308, CVE-2017-3302, CVE-2017-3291, CVE-2017-3265, CVE-2017-3258, CVE-2017-3244, CVE-2017-3243, CVE-2017-3238, CVE-2016-6664, CVE-2016-5617 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025771X-Force Database: ...read more


IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Oct 20, 2017 10:01 am EDT | High Severity

PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. CVE(s): CVE-2017-11600, CVE-2017-1000364, CVE-2017-7895, CVE-2017-7645, CVE-2017-7308, CVE-2017-6214, CVE-2017-5986, CVE-2017-2636, CVE-2017-2618, CVE-2017-2583, CVE-2016-10208, CVE-2016-9793, CVE-2016-8650, CVE-2016-8646, CVE-2016-7910 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=isg3T1025779X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/129316X-Force Database: ...read more


IBM Security Bulletin: Vulnerabilities in TigerVNC affect PowerKVM

Oct 20, 2017 10:01 am EDT | High Severity

PowerKVM is affected by vulnerabilities in TigerVNC. IBM has now addressed these vulnerabilities. CVE(s): CVE-2017-7396, CVE-2017-7395, CVE-2017-7394, CVE-2017-7393, CVE-2017-7392, CVE-2017-5581, CVE-2016-10207 Affected product(s) and affected version(s): PowerKVM 2.1 and 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025772X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124254X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124253X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124252X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124251X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124250X-Force Database: ...read more


IBM Security Bulletin: Vulnerabilities in glibc affect PowerKVM

Oct 20, 2017 10:01 am EDT | Medium Severity

PowerKVM is affected by vulnerabilities in the GNU C Library (glibc). IBM has now addressed these vulnerabilities. CVE(s): CVE-2014-9761, CVE-2015-8779, CVE-2015-8778, CVE-2015-8777, CVE-2015-8776 Affected product(s) and affected version(s): PowerKVM 2.1 and 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025781X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111085X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111087X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111086X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/109775X-Force Database: ...read more


IBM Security Bulletin: Vulnerabilities in PostgreSQL affect PowerKVM

Oct 20, 2017 10:01 am EDT | Medium Severity

PowerKVM is affected by vulnerabilities in PostgreSQL IBM has now addressed these vulnerabilities. CVE(s): CVE-2017-7486, CVE-2017-7484 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025764X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125926X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125924 ...read more


IBM Security Bulletin: A vulnerability in OpenLDAP affects PowerKVM

Oct 20, 2017 10:01 am EDT | Medium Severity

PowerKVM is affected by a vulnerability in OpenLDAP. IBM has now addressed this vulnerability. CVE(s): CVE-2017-9287 Affected product(s) and affected version(s): PowerKVM 2.1 and 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=isg3T1025766X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/126570 ...read more