Posts by Noe
IBM i Security Alert – Vulnerability on IBM i: HTTP header injection (18/04/2025)
🔴 IBM has issued an alert concerning a new vulnerability affecting IBM Navigator for i, identified as CVE-2025-2950. The flaw has a CVSS score of 5.4/10. The problem stems from improper neutralization of HTTP header content in IBM Navigator for i. An authenticated user can exploit this weakness to manipulate…
IBM i Security Alert: Ethernet recovery for certain IBM i adapters (12/03/2025)
🔴 An error condition has been identified affecting IBM i operating system versions 7.4.0 and 7.5.0 when using the following Ethernet adapters (CCINs): 2F04, 2CEC, 2CF3, 2CFA, 2CFB, 2CF9, 58FB, 58FA and EC2A. 📌 Problem details: When a recovery operation is required on these adapters, it causes them to go into a failed state. Once in this state,…
IBM i Security Alert: Database bypass denial of service (12/02/2025)
🔍 Security Bulletin – IBM i: Database Access Vulnerability (CVE-2024-52895) IBM i is affected by a vulnerability that could lead to a denial of service on database access. This flaw, referenced as CVE-2024-52895, is caused by a bypass of database capacity restrictions. 📊 CVSS base score: 6.5 🔹 Potential impact: This vulnerability could disrupt data access…
IBM i Security Alert: Privilege elevation (02/25/2025)
🚨 Critical Security Alert: IBM i Vulnerability (CVE-2024-55898) – High Risk of Privilege Elevation 🚨 A major vulnerability has been identified in IBM i, exposing systems to a critical risk of elevation of privileges. This vulnerability, referenced as CVE-2024-55898, is due to an uncontrolled search path element, enabling a malicious user to take full control…
IBM i Security Alert: Vulnerabilities in the Java SDK (11/02/2025)
📢 IBM has issued a new security bulletin concerning IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i. 🚨 Two major vulnerabilities have been identified: ✔️ Partial denial of service via Networking & Serialization components [CVE-2024-21208 & CVE-2024-21217] ✔️ String length calculation error in Eclipse OpenJ9 [CVE-2024-10917] ⚠️ Vulnerability details 🔴 CVE-2024-21208…
IBM i Security Alert: RDi XStream (27/01/2025)
Hello everyone. A new security alert concerns a buffer overflow attack in IBM Rational Developer for i. The environment contains a debugger XML profile serialization feature called XStream. As a reminder, XStream is a Java library designed to facilitate conversion from Java to XML and vice versa. By sending a specially crafted binary input stream a…
IBM i Security Alert: IBM PowerHA SystemMirror (13/01/2025)
Security bulletin: IBM PowerHA SystemMirror for IBM i is affected by multiple vulnerabilities in the PowerHA web interface. The PowerHA web interface makes it easy to manage PowerHA operations from a web browser. The IBM PowerHA SystemMirror web interface for IBM i is vulnerable to obtaining cookie values (CVE-2024-55897) and hijacking user clicks (CVE-2024-55896), as…
IBM i Security Alert: 2 critical vulnerabilities in Rational Developer for i (RDi)! (10/12/2024)
📢 IBM has just published a vulnerability bulletin concerning the Rational Developer for i (RDi) development environment. 🚨 Two vulnerabilities have been identified in Code Coverage: ✔️ [CVE-2024-47554] Denial of Service (DoS) in the PDF Exporter module 🛑 ✔️ [CVE-2024-45801] Remote code execution in the Reports module ⚠️ 🔎 Vulnerability details 🔴 [CVE-2024-47554] Denial of service via Apache…
IBM i Security Alert: 4 vulnerabilities in the IBM HTTP Server! (09/12/2024)
📢 IBM has issued a new security bulletin concerning the IBM HTTP Server (powered by Apache). 💡 Why is this important? The server is vulnerable to several attacks that enable a remote attacker to retrieve sensitive information, bypass security restrictions and manipulate server-side requests. 🔎 Vulnerability details 📂 CVE-2024-39884 – Inclusion of sensitive information in source code 🔹 Impact:…
⚠️ CRITICAL ALERT: Critical vulnerability in IBM hardware ⚠️ (07/11/2024)
📢 IBM has published a major vulnerability affecting IBM Flexible Service Processors (FSP) [CVE-2024-45656]. This issue allows malicious users to gain service privileges on the FSP, an essential component for out-of-band server management. This vulnerability has a CVSS score of 9.8, making it a critical threat to the security of your systems. 💻 What is the…