Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

br.com.phdigitalcode:carga_planilha (=0.0.1), com.github.kondaurovdev:apache_poi_2.11 (=0.1.1) +2 more potentially affected by CVE-2016-5000 via org.apache.poi:poi-examples (>=3.10-beta1 <=3.13)

org.apache.poi:poi-examples MAVEN version =3.10-beta1, =1.0.5, =1.0, =1.2 Source cves: CVE-2016-5000 Source advisory: OSV:GHSA-PMQQ-7WFV-JFFF...

Security Bulletin: Apache POI as used in IBM QRadar SIEM is vulnerable to various CVEs.

Summary Vulnerabilities affecting Apache Poi as used in IBM QRadar SIEM Vulnerability Details CVE-ID: CVE-2012-0213 Description: Apache POI is vulnerable to a denial of service, caused by the improper handling of memory when processing certain Channel Definition Format CDF/ Compound File Binary...

Security Bulletin: IBM Forms Experience Builder could be susceptible to Apache POI Vulnerabilities

Summary IBM Forms Experience Builder could be susceptible to allowing for a denial of service, cause by an error in Apache POI Libraries Vulnerability Details CVEID: CVE-2014-3574 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error wh...

Security Bulletin: IBM WebSphere Dashboard Framework is affected by a security vulnerability in Apache POI (CVE-2016-5000)

Summary Apache POI, which is bundled with IBM WebSphere Dashboard Framework, could allow a remote attacker to obtain sensitive information. Vulnerability Details IBM WebSphere Dashboard Framework WDF bundles a copy of Apache POI, which is used by the spreadsheet integration functionality. CVEID:...

CVE-2016-5000

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

CVE-2016-5000

The CVE-2016-5000 entry concerns the XLSX2CSV example in Apache POI. The root cause is an XML External Entity (XXE) vulnerability introduced when parsing OpenXML in the XLSX2CSV path, allowing a crafted document to cause an external-entity reference to read arbitrary files. Affected products/vers...

CVE-2016-5000

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

CVE-2016-5000

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

CVE-2016-5000

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...