Sdk@* Security Vulnerabilities and Issues — Sdk@* CVE List

Lucene search

IbmSdk*

4 matches found

CVE•added 2023/08/02 3:15 p.m.•328 views

CVE-2022-40609

IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force...

9.8CVSS9AI score0.00089EPSS

CVE•added 2020/02/03 5:15 p.m.•120 views

CVE-2019-4732

IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a ...

7.2CVSS6.3AI score0.00164EPSS

CVE•added 2017/05/22 8:29 p.m.•73 views

CVE-2017-1289

IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.

8.2CVSS8.6AI score0.00923EPSS

CVE•added 2016/07/02 2:59 p.m.•58 views

CVE-2016-3956

The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.

7.5CVSS7.2AI score0.02387EPSS