CVE-2018-1681

CVE-2018-1681 affects IBM Data Science Experience Local. The IBM security bulletin confirms a vulnerability that could disclose highly sensitive information to a local unprivileged user. Affected versions are IBM Data Science Experience Local 1.1.0, 1.1.1, 1.1.2, 1.1.3, and 1.2.0. The remediation...

CVE-2018-1769

CVE-2018-1769 affects IBM Spectrum Protect Operations Center (formerly Tivoli Storage Manager Operations Center). The vulnerability occurs when tracing is enabled for OC_TASKS, causing the monitoring ID password to be written in plaintext to trace files. Affected versions are 8.1.0.000–8.1.6.100 ...

CVE-2018-1854

IBM Spectrum Protect Operations Center (formerly Tivoli Storage Manager Operations Center) is affected by CVE-2018-1854: a cross-site scripting vulnerability in the Web UI that can lead to credentials disclosure within a trusted session. Affected versions are 8.1.0.000–8.1.6.100 and 7.1.0.000–7.1...

CVE-2018-1589

CVE-2018-1589 is documented in IBM’s Multi-Cloud Data Encryption (MDE) security bulletin as a denial-of-service vulnerability. The issue occurs because MDE does not properly restrict the size or amount of resources requested or influenced by an actor, allowing resource consumption beyond intended...

CVE-2017-1579

CVE-2017-1579 is addressed in IBM DOORS Next Generation (DNG/RRC). The IBM Security Bulletin reports a cross-site scripting vulnerability in the Web UI of Rational DOORS Next Generation, allowing an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted sessi...

CVE-2012-1359

CVE-2012-1359, as reserved, has a connected IBM advisory detailing multiple security vulnerabilities in IBM JRE 7.0 SR2 or earlier (and non-IBM Java 7.0 when used with Rational Functional Tester). The bulletin lists numerous CVEs (e.g., CVE-2012-3159 and related issues across JRE components such ...

CVE-2016-6109

CVE-2016-6109 is a cross-site scripting vulnerability in IBM Business Process Manager (BPM) used with IBM Cloud Orchestrator/Enterprise. IBM advisories (IBM BPM/Cloud Orchestrator links) enumerate affected BPM/Cloud Orchestrator versions and state the vulnerability allows embedding arbitrary Java...

CVE-2016-6041

IBM Tealeaf Customer Experience (IBM Tealeaf CX) is affected by CVE-2016-6041: the product does not properly secure session cookies, potentially allowing an authenticated user to obtain sensitive information. Affected versions include IBM Tealeaf CX v8.7 through v9.0.2. Remediation paths are prov...

CVE-2018-1365

Summary: CVE-2018-1365 affects IBM Cloud Event Management and IBM Alert Notification when viewed in Internet Explorer. The vulnerability allows an attacker to hijack a victim’s click actions by loading the affected console in an iframe not belonging to the system, potentially enabling further att...

CVE-2017-1797

IBM Kenexa LCMS Premier on Cloud is affected by a SQL injection vulnerability tracked as CVE-2017-1797. A remote attacker could send specially crafted SQL statements to view, add, modify, or delete data in the back-end database. Affected versions include 9.3 through 11.1; remediation is to upgrad...

CVE-2023-22245

CVE-2023-22245 is linked to Adobe Substance 3D Stager. The connected CNNVD entry reports a vulnerability in versions prior to 2.0.0 arising from an out-of-bounds write that can cause a memory leak. remediation noted by Adobe APSB23-16 involves a security update; updating to 2.0.0 or later is the ...

CVE-2021-0890

CVE-2021-0890 is listed in the Android 12 security release notes under the System category with Type: ID (information disclosure) and Severity: Moderate, corresponding to Android bug ID A-190757775. The Connected document provides the vulnerability’s categorization and severity but does not inclu...

CVE-2021-0949

Android 12 release notes include CVE-2021-0949 in the System category. Details show: CVE-2021-0949, Android bug ID A-184658476, Type: Information Disclosure (ID), Severity: Moderate. The document lists it among the Android 12 vulnerability entries with no specific exploit details or remediation v...

CVE-2021-0866

CVE-2021-0866 is listed under Android 12 Framework with type Information Disclosure (ID) and Moderate severity, referenced by Android bug ID A-184658476. The provided connected document does not include details on the root cause, affected subcomponent, impact scope, exploitability, or a fix. No r...

CVE-2021-0859

CVE-2021-0859 is listed in Android 12 security release notes under the System category with Type: ID and Severity: High. This entry confirms a vulnerability classified as Information Disclosure and indicates it is addressed as part of Android 12 updates. The Android notes state that patches will ...

CVE-2021-25279

CVE-2021-25279 is listed in Google's Pixel security bulletin under Pixel modem vulnerabilities as an Elevation of Privilege (EoP) affecting the Modem component. The entry is marked as Critical. The bulletin indicates the issue is addressed by updates at or after the 2022-03-05 security patch leve...

CVE-2021-0857

Android 12 Security Release Notes enumerate CVE-2021-0857 in the System category with Type: RCE and Severity: High? No, Moderate as per the note list. The documents do not specify the vulnerable component, root cause, or exploit details. The notes state patches for issues in Android 12 were relea...

CVE-2021-0856

CVE-2021-0856 is listed under Android 12 Framework vulnerabilities with type Elevation of Privilege (EoP) and High severity. The Android 12 security release notes include CVE-2021-0856 in the Framework section (reference A-146211400). No exploit details or root-cause description are provided in t...

CVE-2021-0853

CVE-2021-0853 is listed in the Android 12 security bulletin under the Framework component with Type: ID (Information disclosure) and Severity: Moderate . The provided document set does not include details on the root cause, affected subcomponents, specific versions, exploit vectors, or remediatio...

CVE-2021-0854

Android 12 security release notes include CVE-2021-0854 in the System group, listed as A-154501976 with type ID and severity Moderate. No further technical details, affected products, exploit info, or fixes are provided in the referenced document.