IBM Patches Over 100 Vulnerabilities

IBM Patches Over 100 Vulnerabilities

Posted on By CWS

IBM this week introduced fixes for greater than 100 vulnerabilities throughout its merchandise, together with a number of critical-severity bugs. Most of them have been in third-party dependencies.

Storage Defender acquired patches for six critical-severity defects, all affecting third-party elements in Knowledge Shield (which is included in Storage Defender).

The weaknesses may result in denial-of-service (DoS) situations, reminiscence corruption, arbitrary file overwrite, and utility crashes.

One other critical-severity vulnerability was addressed in IBM Guardium Knowledge Safety’s implementation of the Apache Tomcat server. The flaw, tracked as CVE-2025-48913, may result in code execution.

IBM additionally introduced a repair for a critical-severity bug within the form-data library utilized in Maximo Software Suite, which may permit attackers to inject parameters in requests.

Edge Knowledge Collector acquired patches for a essential SQL injection defect within the Django internet framework.

IBM additionally fastened dozens of vulnerabilities in Observability with Instana (OnPrem), together with essential bugs in Tomcat, libxml2, and WebKit that would result in command execution, DoS situations, course of crashes, and different sudden conduct.

A critical-severity challenge within the Corosync library was addressed with safety updates for IBM Db2. The weak point may result in a course of crash or arbitrary code execution, if encryption is disabled or the attacker is aware of the encryption key.Commercial. Scroll to proceed studying.

A number of high- and medium-severity flaws have been additionally patched throughout Content material Collector, DataPower Operations Dashboard, License Metric Software, Planning Analytics, Watsonx Subscription, InfoSphere Data Server, StreamSets, and Db2 for Linux, UNIX and Home windows.

Further info on these vulnerabilities and the corresponding patches may be discovered on IBM’s safety bulletins web page.

Associated: Fortinet Patches Crucial Authentication Bypass Vulnerabilities

Associated: Ivanti EPM Replace Patches Crucial Distant Code Execution Flaw

Associated: Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Associated: Adobe Patches Almost 140 Vulnerabilities

Security Week News Tags:, ,

Related Posts

Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks Security Week News
SolarWinds Patches Three Critical Serv-U Vulnerabilities SolarWinds Patches Three Critical Serv-U Vulnerabilities Security Week News
SAP Patches Another Critical NetWeaver Vulnerability SAP Patches Another Critical NetWeaver Vulnerability Security Week News
LastPass Users Targeted With Backup-Themed Phishing Emails LastPass Users Targeted With Backup-Themed Phishing Emails Security Week News
Fortinet Warns of New Attacks Exploiting Old Vulnerability Fortinet Warns of New Attacks Exploiting Old Vulnerability Security Week News
Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure Security Week News