Security Bulletin: A Security Vulnerability was fixed in IBM Application Gateway.

September 27, 2022 | Medium Severity

IBM Security Application Gateway is vulnerable to cross-site scripting. This has been fixed in IBM Application Gateway 22.07 ...read more


Security Bulletin: IBM WebSphere Application Server is vulnerable to Server-Side Request Forgery (CVE-2022-35282)

September 27, 2022 | Medium Severity

IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability. This has been addressed. ...read more


Security Bulletin: Information disclosure vulnerability in IBM QRadar User Behavior Analytics (CVE-2022-36771)

September 27, 2022 | Medium Severity

Non-Admin access to some admin level information was available if users had correct paths to the information. Checks were added to authorize access even when it is not initiated from the user interface. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM App Connect Enterprise and IBM Integration Bus

September 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Apr 2022 (includes Oracle April 2022 CPU). The fix includes IBM Java SDK 8.0.7.11 ...read more


Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to identity spoofing by an authenticated user using a specially crafted request.

September 27, 2022 | Medium Severity

IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to identity spoofing by an authenticated user using a specially crafted request. (CVE-2022-22476) ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

September 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. ...read more


Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to HTTP header injection, caused by improper validation.

September 27, 2022 | Medium Severity

IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. (CVE-2022-34165) ...read more


Security Bulletin: IBM MQ Appliance is vulnerable to cross-site scripting (CVE-2022-32750)

September 27, 2022 | Medium Severity

IBM MQ Appliance has resolved a cross-site scripting vulnerability. ...read more


Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2022-21299)

September 27, 2022 | Medium Severity

There is a vulnerability in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. ...read more