Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.72 views

Security Bulletin: Vulnerabilities found in poi-3.9.jar which is shipped with IBM® Intelligent Operations Center [CVE-2017-12626 and X-Force ID: 220800]

Summary Multiple vulnerabilities have been identified in poi-3.9.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published which addressed the applicable CVE 2017-1262 and X-Force ID: 2208...

7.5CVSS9.4AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/25 6:47 a.m.37 views

Security Bulletin: The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology contains additional security fixes for X-Force ID 220800 and CVE-2017-12626

Summary Due to flaws in Apache POI, IBM® Engineering System Design Rhapsody is vulnerable to arbitrary code execution X-Force ID 220800 and denial of service CVE-2017-12626. Both vulnerabilities are fixed in v9.0.1 iFix005. Vulnerability Details CVEID:CVE-2017-12626 DESCRIPTION: Apache POI is...

7.5CVSS9.4AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.26 views

Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology

Summary Multiple vulnerabilities in the IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQM, Rational...

7.5CVSS0.6AI score0.10248EPSS
Exploits3Affected Software7
vulnersOsv
vulnersOsv
added 2021/01/14 7:18 p.m.6 views

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), at.iem:sysson_2.10 (=1.12.0) +2533 more potentially affected by CVE-2017-12626 via org.apache.poi:poi (>=3.0-FINAL <=3.16-beta2)

org.apache.poi:poi MAVEN version =3.0-FINAL, =1.3, =1.10.2, =1.13.0, =1.0.1, =0.0.1, =1.1.8, =2.23.5, =2.23.5, =19.1.0, =2.23.5, =18.12.0 and more Source cves: CVE-2017-12626 Source advisory: OSV:GHSA-523C-XH4G-MH5M...

7.5CVSS7.2AI score0.10248EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/21 12:38 p.m.51 views

Security Bulletin: Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure (CVE-2019-12415, CVE-2017-12626)

Summary Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure Vulnerability Details CVEID: CVE-2019-12415 DESCRIPTION: Apache POI could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by tool...

7.5CVSS1.4AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/07 4:58 p.m.43 views

Security Bulletin: Multiple vulnerabilities in Open Source used in IBM Cloud Pak System

Summary Multiple vulnerabilities identified in Open Source used in IBM Cloud Pak System. IBM Cloud Pak System addressed vulnerabilities. Vulnerability Details CVEID: CVE-2018-11771 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by the failure to return the corre...

9.8CVSS1.4AI score0.96121EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/20 2:38 p.m.35 views

Security Bulletin: A security vulnerability has been identified in the Apache POI, which is vulnerable to Denial of Service. (CVE-2017-12626, CVE-2017-5644)

Summary The Apache POI has security vulnerability to exploit the application through denial of service. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details IBM Rational Asset Manager bundles Apache POI, which is used to set custom attribut...

7.5CVSS0.8AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/13 2:43 p.m.38 views

Security Bulletin: IBM SPSS Statistics is affected by an Apache Poi vulnerability (CVE-2017-12626)

Summary IBM SPSS Statistics has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG and macros and specially crafted DOC, PPT and XLS. By persuadin...

7.5CVSS1.3AI score0.10248EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/27 12:0 a.m.81 views

Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2020 CPU)

The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities : - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder Jython. Supported versions that are affected are...

9.8CVSS6.9AI score0.87218EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2019/10/18 12:0 a.m.54 views

Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2019 CPU)

According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.17, 16.x prior to 16.2.10, 17.x prior to 17.12.5, or 18.x prior to 18.8.7. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file re...

9.8CVSS8.3AI score0.21949EPSS
Exploits5References5
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/13 7:15 p.m.64 views

Security Bulletin: IBM Cognos Controller 2019Q2 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Summary This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Controller. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Java™ Technology Edition, Version 8 that are used by IBM...

10CVSS0.9AI score0.73327EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/01 9:20 p.m.56 views

Security Bulletin: IBM OpenPages GRC Platform is affected by Apache POI vulnerability (CVE-2017-12626)

Summary IBM OpenPages GRC Platform has addressed Apache POI vulnerability CVE-2017-12626 Vulnerability Details CVEID: CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG and macros and specially crafted DOC, PPT and...

7.5CVSS0.8AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/06 4:33 p.m.32 views

Security Bulletin: eDiscovery Manager is affected by public disclosed vulnerability from Apache Poi

Summary Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG and macros and specially crafted DOC, PPT and XLS. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application...

7.5CVSS1.6AI score0.10248EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:50 p.m.37 views

Security Bulletin: Vulnerability in Apache POI affects IBM Maximo Asset Management (CVE-2017-12626)

Summary Apache POI used by IBM Maximo Asset Management is vulnerable to a denial of service, cause by an XML External Entity Injection XXE error when processing XML data. By using a specially-crafted OOXML file, a remote attacker could exploit this vulnerability to consume all available CPU...

7.5CVSS0.7AI score0.10248EPSS
Exploits3Affected Software11
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.252 views

Apache POI < 3.17 Multiple DoS Vulnerabilities

The version of Apache POI installed on the remote host is a version prior to 3.17. It is, therefore, affected by multiple DoS vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

7.5CVSS7.2AI score0.10248EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2018/01/30 2:19 a.m.41 views

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

7.5CVSS3.8AI score0.10248EPSS
Exploits3References1
OSV
OSV
added 2018/01/29 5:29 p.m.26 views

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

7.5CVSS7.8AI score
Exploits0References11
Cvelist
Cvelist
added 2018/01/29 5:0 p.m.21 views

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

8.5AI score0.10248EPSS
Exploits3References11
Debian CVE
Debian CVE
added 2018/01/29 5:0 p.m.47 views

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

7.5CVSS7.7AI score0.10248EPSS
Exploits3
Rows per page
Query Builder