CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•19 views

Security bulletin: Open redirect and cross-site scripting vulnerabilities in IBM DataQuant for z/OS and IBM DataQuant for Multiplatforms help systems (CVE-2012-2159, CVE-2012-2161)

Abstract IBM DataQuant for z/OS and IBM DataQuant for Multiplatforms make use of the IBM Eclipse Help System IEHS, which has the security vulnerabilities described in this bulletin. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-2159 DESCRIPTION: Some scripts used by the help system are vulnerab...

5.8CVSS8.8AI score0.00289EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•34 views

Security bulletin: Potential security vulnerabilities in IBM DataQuant with JRE 6

Abstract IBM® DataQuant makes use of Java Runtime Environment JRE Version 6. This security bulletin explains how to address potential security exposures with IBM DataQuant for z/OS and IBM DataQuant for Multiplatforms due to vulnerabilities in Java Software Developer Kits. See ‘Vulnerability...

10CVSS9.8AI score0.29177EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2022/01/14 11:47 a.m.•171 views

Security Bulletin: IBM SDK Java 8.0.7.0 Update for IBM DataQuant

Summary Security Bulletin provides IBM DataQuant users with instructions for updating to Java 8.0.7.0 Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of the...

9.8CVSS6.8AI score0.00675EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/09/22 11:29 p.m.•42 views

Security Bulletin: IBM SDK, Java Tech Edition Quarterly CPU Jul 2021 - Includes Oracle Jul 2021 CPU (minus CVE-2021-2341)

Summary This Security Bulletin provides steps for updating Java for IBM DataQuant. Vulnerability Details CVEID: CVE-2021-2388 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to take control of the system. CVSS Base score: 7....

7.5CVSS0.3AI score0.00805EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/09/17 3:54 p.m.•37 views

Security Bulletin: IBM SDK, Java Tech Edition Quarterly CPU Apr 2021 + Oracle APR 2021; Jul 2021 + Oracle Jul 2021

Summary This Security Bulletin provides steps for updating Java for IBM DataQuant. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...

5.9CVSS0.2AI score0.01132EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/06/28 7:25 p.m.•33 views

Security Bulletin: IBM DataQuant Fix for (All) Apache PDF Box (Publicly disclosed vulnerability)

Summary Advisory ADV00321067: CVE-2021-27807 and CVE-2021-27906 Vulnerability Details CVEID: CVE-2021-27807 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an infinite loop flaw. By persuading a victim to open a specially-crafted .PDF file, a remote attacker could explo...

5.5CVSS5.7AI score0.00647EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/04/02 10:20 p.m.•24 views

Security Bulletin: IBM DataQuant is vulnerable to CVE-2929-2773

Summary CVE-2020-2773, an unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION...

4.3CVSS0.9AI score0.00601EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/04/02 10:14 p.m.•27 views

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14781

Summary CVE-2020-14781 is an unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: ...

4.3CVSS0.2AI score0.00103EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/04/02 9:57 p.m.•41 views

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14803

Summary CVE-2020-14803 is an unspecified vulnerability in Java SE could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability i...

9.8CVSS1.2AI score0.00727EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/04/02 8:44 p.m.•35 views

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14782

Summary IBM DataQuant is vulnerable to CVE-2020-14782, an unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. Vulnerability Details CVEID: CVE-2020-147...

4.3CVSS0.7AI score0.00144EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/02/12 9:29 p.m.•43 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability

Summary Steps to update JRE - IBM DataQuant Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability...

8.3CVSS0.6AI score0.01018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/02/12 9:29 p.m.•22 views

Security Bulletin: CVE-2020-2590 (deferred from Oracle Jan 2020 CPU)

Summary Steps to update JRE - IBM DataQuant Vulnerability Details CVEID: CVE-2020-2590 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availabili...

4.3CVSS0.00449EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/02/12 9:24 p.m.•28 views

Security Bulletin: CVE-2020-2601 (deferred from Oracle Jan 2020 CPU)

Summary Steps to update JRE - IBM DataQuant Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker to obtain sensitive information resulting in a hig...

6.8CVSS0.4AI score0.00637EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/02/12 9:24 p.m.•39 views

Security Bulletin: Public disclosured vulnerability from Apache POI

Summary IBM DataQuant has addressed the following vulnerabiltiy. Vulnerability Details Advisory CVEs: CVE-2017-12626 CVEID: CVE-2017-12626 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an error while parsing malicious WMF, EMF, MSG and macros and specially crafted DOC, P...

7.5CVSS0.4AI score0.01114EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2021/02/12 2:22 p.m.•30 views

Security Bulletin: Public disclosured vulnerability found by vFinder: (All) Apache PDFBox

Summary IBM DataQuant has addressed the following vulnerability. Vulnerability Details Advisory CVE: CVE-2018-8036 CVEID: CVE-2018-8036 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out of memory exception in AFMParser. By persuading a victim to open a...

7.1CVSS0.5AI score0.0066EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2021/02/12 1:59 p.m.•34 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...

4.3CVSS0.7AI score0.92346EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2021/02/11 4:57 p.m.•35 views

Security Bulletin: IBM DataQuant is affected by an Open Source Apache Poi vulnerability.

Summary IBM DataQuant has addressed the following vulnerability. Vulnerability Details Relevant CVE Information: CVEID: CVE-2017-5644 DESCRIPTION: Apache POI is vulnerable to a denial of service, cause by an XML External Entity Injection XXE error when processing XML data. By using a...

7.1CVSS0.4AI score0.0066EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2020/07/21 12:57 a.m.•40 views

Security Bulletin: SB003732

Summary Steps to update JRE - IBM DataQuant Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to take control of the system. CVSS Base score: 8.3 CVSS Temporal Score:...

8.3CVSS1.2AI score0.03217EPSS

Exploits0Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by