June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Adobe Photoshop Vulnerabilities
May 15, 2025
CVE-2025-4664 – Google Chrome Vulnerability
May 15, 2025
Multiple Adobe Photoshop Vulnerabilities
May 15, 2025
CVE-2025-4664 – Google Chrome Vulnerability
May 15, 2025
Severity
Medium
Analysis Summary
CVE-2025-2900 CVSS:7.5
IBM Semeru Runtime is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.
CVE-2025-33104 CVSS:4.4
IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Impact
- Buffer Overflow
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-2900
CVE-2025-33104
Affected Vendors
- IBM
Affected Products
- IBM Semeru Runtime - 11.0.12.0 - 11.0.26.0
- IBM Websphere Application Server - 8.5
- IBM Websphere Application Server - 9.0
- IBM Semeru Runtime - 8.0.302.0 - 8.0.442.0
- IBM Semeru Runtime - 17.0.0.0 - 17.0.14.0
- IBM Semeru Runtime - 21.0.0.0 - 21.06.0
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.
