Lucene search
K

493 matches found

NVD
NVD
added 2016/02/15 2:59 a.m.16 views

CVE-2015-4991

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...

4CVSS3.8AI score0.00304EPSS
Exploits0References2
Prion
Prion
added 2016/02/15 2:59 a.m.13 views

Design/Logic Flaw

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...

2.1CVSS6AI score0.00304EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2016/02/15 2:59 a.m.1 views

CVE-2015-4991

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...

4CVSS5.5AI score0.00304EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/02/15 2:0 a.m.19 views

CVE-2015-4991

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...

3.8AI score0.00304EPSS
Exploits0References2
CVE
CVE
added 2016/02/15 2:0 a.m.39 views

CVE-2015-4991

CVE-2015-4991 affects IBM SPSS Modeler (versions 14.2 FP3 IF027 and earlier; 15 FP3 IF015 and earlier; 16 FP2 IF012 and earlier; 17 FP1 IF018 and earlier; 17.1 IF008 and earlier). The issue: memory dumps contain plain text data, enabling a local attacker to read sensitive information. Impact is l...

4CVSS3.8AI score0.00304EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.46 views

Oracle: Security Advisory (ELSA-2007-0327)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6AI score0.90768EPSS
Exploits5References2
NVD
NVD
added 2014/06/08 11:55 p.m.15 views

CVE-2014-3038

IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...

3.6CVSS6.1AI score0.0033EPSS
Exploits0References4
Prion
Prion
added 2014/06/08 11:55 p.m.17 views

Design/Logic Flaw

IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...

3.6CVSS6.6AI score0.0033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/06/08 11:0 p.m.20 views

CVE-2014-3038

IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...

6.1AI score0.0033EPSS
Exploits0References4
CVE
CVE
added 2014/06/08 11:0 p.m.44 views

CVE-2014-3038

CVE-2014-3038 affects IBM SPSS Modeler 16 on UNIX. The vulnerability arises when a spawned process retains root GID and privileged groups after authentication, allowing a local attacker to access files normally restricted to privileged users by leveraging (1) gid 0 or (2) root’s group memberships...

3.6CVSS6.3AI score0.0033EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.42 views

Oracle Linux 5 : Important: / tomcat (ELSA-2007-0327)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0327 advisory. jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 1.1-8jpp.1.0.2.el5 - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694...

5CVSS5.5AI score0.90768EPSS
Exploits5References5
NVD
NVD
added 2013/01/01 12:35 p.m.16 views

CVE-2012-5769

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service CPU and memory consumption, via an XML external entity declaration in conjunction with an entity...

5.8CVSS6.8AI score0.01438EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/01/01 11:0 a.m.21 views

CVE-2012-5769

IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service CPU and memory consumption, via an XML external entity declaration in conjunction with an entity...

6.8AI score0.01438EPSS
Exploits0References4
CVE
CVE
added 2013/01/01 11:0 a.m.36 views

CVE-2012-5769

IBM SPSS Modeler versions affected: 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2. The root cause is an XML External Entity (XXE) vulnerability in XML processing that could cause sensitive data exposure (reading local/remote files) and potentially trigger requests to intranet servers or a den...

5.8CVSS7AI score0.01438EPSS
Exploits0References4Affected Software1
erpscan
erpscan
added 2010/06/08 12:0 a.m.23 views

SAP NetWeaver Workflow Modeler - Multiple XSS

Application: SAP NetWeaver Workflow Modeler Versions Affected: SAP NetWeaver NW2004s SP6 Workflow Modeler Vendor URL: http://www.sap.com Bugs: XSS Exploits: YES Reported: 06.08.2010 Vendor response: 07.08.2010 Date of Public Advisory: 12.02.2014 Reference: SAP Security Note 1860923 Author:...

0.3AI score
Exploits0
Prion
Prion
added 2008/01/23 12:0 p.m.11 views

Out-of-bounds

Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...

6CVSS6.5AI score0.01173EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2008/01/23 12:0 p.m.12 views

CVE-2008-0402

Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...

6CVSS6.1AI score0.01173EPSS
Exploits0References8
Cvelist
Cvelist
added 2008/01/23 11:0 a.m.19 views

CVE-2008-0402

Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...

6.1AI score0.01173EPSS
Exploits0References8
CVE
CVE
added 2008/01/23 11:0 a.m.36 views

CVE-2008-0402

CVE-2008-0402 affects IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 prior to Interim Fix 11. It describes an unspecified vulnerability that lets remote authenticated users bypass access restrictions and delete unspecified repository resources via unknown vectors, even when not adminis...

6CVSS6.1AI score0.01173EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/10/13 1:17 a.m.13 views

CVE-2007-5435

Unspecified vulnerability in CA ERwin Process Modeler formerly AllFusion Process Modeler 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File Datatype Standards File...

4.3CVSS6.5AI score0.01501EPSS
Exploits0References5
Rows per page
Query Builder