322 matches found
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by potential data integrity and denial of service due to Apache POI
Summary Apache POI in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of extracting text and metadata from document files. CVE‑2022‑26336, CVE‑2025‑31672 Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue...
Security Bulletin:IBM Storage Protect Server is affected by a vulnerability in the Apache POI library that could lead to denial-of-service when processing specially crafted archive files (CVE-2019-12415).
Summary IBM Storage Protect Server uses the Apache POI library in certain components; this library is vulnerable to processing specially crafted archive files that may cause excessive memory allocation, potentially leading to a denial-of-service condition. Vulnerability Details CVEID:CVE-2019-124...
Security Bulletin: IBM Operational Decision Manager for March 2026 - Multiple CVEs addressed
Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-41254...
OSV-2026-297 Security exception in org.apache.poi.util.IOUtils.safelyAllocate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486522036 Crash type: Security exception Crash state: org.apache.poi.util.IOUtils.safelyAllocate org.apache.poi.hssf.record.RecordInputStream.readRemainder org.apache.poi.hssf.record.UnknownRecord...
OSV-2026-177 Security exception in org.apache.poi.util.IOUtils.safelyAllocate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479908886 Crash type: Security exception Crash state: org.apache.poi.util.IOUtils.safelyAllocate org.apache.poi.hssf.record.RecordInputStream.readRemainder org.apache.poi.hssf.record.UnknownRecord...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Apache POI
Summary A vulnerabilitiy has been identified in Apache POI, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files...
Oracle Business Intelligence Enterprise Edition (12.2.1.4) (January 2026 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component...
OSV-2026-87 Security exception in org.apache.poi.util.IOUtils.safelyAllocate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476184826 Crash type: Security exception Crash state: org.apache.poi.util.IOUtils.safelyAllocate org.apache.poi.ddf.EscherComplexProperty.ensureComplexData org.apache.poi.ddf.EscherComplexProperty.getComplexData...
OSV-2025-1061 Security exception in org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup.<ini
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431391 Crash type: Security exception Crash state: org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup. org.apache.poi.hssf.record.aggregates.SharedValueManager.create...
SAP BusinessObjects Business Intelligence Platform Deserialization (3617142)
The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is prior to 2025 SP000 000500, 4.3 SP004 001400, or 4.3 SP005 000200. It is, therefore, affected by a vulnerability as referenced in the 3617142 advisory. - Improper Input Validation vulnerability in...
EUVD-2021-0489
Malware in sbrugna...
EUVD-2022-4799
Malicious code in bioql PyPI...
EUVD-2022-4891
Malicious code in bioql PyPI...
EUVD-2022-2955
Malicious code in bioql PyPI...
EUVD-2025-10668
Malicious code in bioql PyPI...
EUVD-2022-5754
Malicious code in bioql PyPI...
EUVD-2022-3406
Malicious code in bioql PyPI...
EUVD-2022-1590
Malicious code in bioql PyPI...
EUVD-2022-1484
Malicious code in bioql PyPI...
Security Bulletin: IBM InfoSphere Information Server is affected by an improper input validation vulnerability in Apache POI (CVE-2025-31672)
Summary An improper input validation vulnerability in Apache POI that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xls...