493 matches found
CVE-2015-4991
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...
Design/Logic Flaw
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...
CVE-2015-4991
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...
CVE-2015-4991
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file...
CVE-2015-4991
CVE-2015-4991 affects IBM SPSS Modeler (versions 14.2 FP3 IF027 and earlier; 15 FP3 IF015 and earlier; 16 FP2 IF012 and earlier; 17 FP1 IF018 and earlier; 17.1 IF008 and earlier). The issue: memory dumps contain plain text data, enabling a local attacker to read sensitive information. Impact is l...
Oracle: Security Advisory (ELSA-2007-0327)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3038
IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...
Design/Logic Flaw
IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...
CVE-2014-3038
IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging 1 gid 0 or 2 root's group memberships...
CVE-2014-3038
CVE-2014-3038 affects IBM SPSS Modeler 16 on UNIX. The vulnerability arises when a spawned process retains root GID and privileged groups after authentication, allowing a local attacker to access files normally restricted to privileged users by leveraging (1) gid 0 or (2) root’s group memberships...
Oracle Linux 5 : Important: / tomcat (ELSA-2007-0327)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0327 advisory. jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 1.1-8jpp.1.0.2.el5 - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694...
CVE-2012-5769
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service CPU and memory consumption, via an XML external entity declaration in conjunction with an entity...
CVE-2012-5769
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service CPU and memory consumption, via an XML external entity declaration in conjunction with an entity...
CVE-2012-5769
IBM SPSS Modeler versions affected: 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2. The root cause is an XML External Entity (XXE) vulnerability in XML processing that could cause sensitive data exposure (reading local/remote files) and potentially trigger requests to intranet servers or a den...
SAP NetWeaver Workflow Modeler - Multiple XSS
Application: SAP NetWeaver Workflow Modeler Versions Affected: SAP NetWeaver NW2004s SP6 Workflow Modeler Vendor URL: http://www.sap.com Bugs: XSS Exploits: YES Reported: 06.08.2010 Vendor response: 07.08.2010 Date of Public Advisory: 12.02.2014 Reference: SAP Security Note 1860923 Author:...
Out-of-bounds
Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...
CVE-2008-0402
Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...
CVE-2008-0402
Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members o...
CVE-2008-0402
CVE-2008-0402 affects IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 prior to Interim Fix 11. It describes an unspecified vulnerability that lets remote authenticated users bypass access restrictions and delete unspecified repository resources via unknown vectors, even when not adminis...
CVE-2007-5435
Unspecified vulnerability in CA ERwin Process Modeler formerly AllFusion Process Modeler 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File Datatype Standards File...