Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-4821

Summary
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
Published At-11 Jan, 2013 | 00:00
Updated At-06 Aug, 2024 | 20:50
Rejected At-
Credits

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ibm
Assigner Org ID:9a959283-ebb5-44b6-b705-dcc2bbced522
Published At:11 Jan, 2013 | 00:00
Updated At:06 Aug, 2024 | 20:50
Rejected At:
â–¼CVE Numbering Authority (CNA)

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
vdb-entry
x_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
x_refsource_CONFIRM
http://seclists.org/bugtraq/2012/Sep/38
mailing-list
x_refsource_BUGTRAQ
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
vendor-advisory
x_refsource_AIXAPAR
http://www.securityfocus.com/bid/55495
vdb-entry
x_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
x_refsource_CONFIRM
https://www-304.ibm.com/support/docview.wss?uid=swg21616546
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2012-1467.html
vendor-advisory
x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
x_refsource_CONFIRM
http://secunia.com/advisories/51634
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
x_refsource_CONFIRM
http://secunia.com/advisories/51326
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616616
Resource:
x_refsource_CONFIRM
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616594
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616617
Resource:
x_refsource_CONFIRM
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Resource:
x_refsource_CONFIRM
Hyperlink: http://seclists.org/bugtraq/2012/Sep/38
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616652
Resource:
x_refsource_CONFIRM
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.securityfocus.com/bid/55495
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615800
Resource:
x_refsource_CONFIRM
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Resource:
x_refsource_CONFIRM
Hyperlink: https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616708
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/51634
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615705
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/51326
Resource:
third-party-advisory
x_refsource_SECUNIA
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
x_refsource_CONFIRM
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
vdb-entry
x_refsource_XF
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
x_refsource_CONFIRM
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
x_refsource_CONFIRM
x_transferred
http://seclists.org/bugtraq/2012/Sep/38
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
x_refsource_CONFIRM
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.securityfocus.com/bid/55495
vdb-entry
x_refsource_BID
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
x_refsource_CONFIRM
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
x_refsource_CONFIRM
x_transferred
https://www-304.ibm.com/support/docview.wss?uid=swg21616546
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1467.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/51634
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/51326
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616616
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616594
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616617
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://seclists.org/bugtraq/2012/Sep/38
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616652
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.securityfocus.com/bid/55495
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615800
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616708
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/51634
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615705
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/51326
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@us.ibm.com
Published At:11 Jan, 2013 | 00:55
Updated At:29 Apr, 2026 | 01:13

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
IBM Corporation
ibm
>>java>>Versions from 1.4.2(inclusive) to 1.4.2.13.13(inclusive)
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>java>>Versions from 5.0.0.0(inclusive) to 5.0.14.0(inclusive)
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>java>>Versions from 6.0.0.0(inclusive) to 6.0.11.0(inclusive)
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>java>>Versions from 7.0.0.0(inclusive) to 7.0.2.0(inclusive)
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0
cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.1
cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.2
cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.2.1
cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.2.2
cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.2.3
cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.0.2.4
cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.0
cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.0.1
cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1
cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1.1
cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1.2
cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1.3
cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1.4
cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.1.5
cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.2.0
cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.2.1
cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.2.2
cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.2.3
cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.2.4
cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.3.0
cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.3.1
cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_domino>>8.5.3.2
cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0
cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.0
cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.1
cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2
cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.0
cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.1
cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.2
cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.3
cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.4
cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.5
cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.0.2.6
cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5
cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.0.0
cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.0.1
cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1
cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.0
cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.1
cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.2
cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.3
cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.4
cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.1.5
cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.2.0
cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_notes>>8.5.2.1
cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://rhn.redhat.com/errata/RHSA-2012-1467.htmlpsirt@us.ibm.com
Third Party Advisory
http://seclists.org/bugtraq/2012/Sep/38psirt@us.ibm.com
Mailing List
Third Party Advisory
http://secunia.com/advisories/51326psirt@us.ibm.com
Third Party Advisory
http://secunia.com/advisories/51634psirt@us.ibm.com
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615705psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615800psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616490psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616594psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616616psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616617psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616652psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616708psirt@us.ibm.com
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21621154psirt@us.ibm.com
Vendor Advisory
http://www.securityfocus.com/bid/55495psirt@us.ibm.com
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78765psirt@us.ibm.com
Third Party Advisory
VDB Entry
https://www-304.ibm.com/support/docview.wss?uid=swg21616546psirt@us.ibm.com
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://seclists.org/bugtraq/2012/Sep/38af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://secunia.com/advisories/51326af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/51634af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615705af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615800af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616490af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616594af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616616af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616617af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616652af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616708af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21621154af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/55495af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78765af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://www-304.ibm.com/support/docview.wss?uid=swg21616546af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Source: psirt@us.ibm.com
Resource:
Third Party Advisory
Hyperlink: http://seclists.org/bugtraq/2012/Sep/38
Source: psirt@us.ibm.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/51326
Source: psirt@us.ibm.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/51634
Source: psirt@us.ibm.com
Resource:
Third Party Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615705
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615800
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616594
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616616
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616617
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616652
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616708
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/55495
Source: psirt@us.ibm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
Source: psirt@us.ibm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://seclists.org/bugtraq/2012/Sep/38
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/51326
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/51634
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615705
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21615800
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616594
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616616
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616617
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616652
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616708
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/55495
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

128Records found
CVE-2020-4305
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.1||HIGH
EPSS-1.39% / 80.47%
||
7 Day CHG~0.00%
Published-09 Jul, 2020 | 19:05
Updated-16 Sep, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.

Action-Not Available
Vendor-IBM Corporation
Product-infosphere_information_server_on_cloudinfosphere_information_serverInfoSphere Information Server
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-4288
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.32% / 80.00%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-16 Sep, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176270.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4422
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-0.97% / 76.63%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 180167.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4343
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.95% / 83.57%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 178244.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4302
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.37% / 80.30%
||
7 Day CHG~0.00%
Published-12 Oct, 2020 | 13:20
Updated-17 Sep, 2024 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection. By persuading a victim to open a specially-crafted excel file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176610.

Action-Not Available
Vendor-IBM Corporation
Product-cognos_analyticsCognos Analytics
CWE ID-CWE-1236
Improper Neutralization of Formula Elements in a CSV File
CVE-2020-4724
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.52%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 15:50
Updated-16 Sep, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Action-Not Available
Vendor-IBM Corporation
Product-i2_analysts_notebooki2 Analyst Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4467
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.32% / 80.00%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-17 Sep, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181721.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4468
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.32% / 80.00%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-16 Sep, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181723.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4285
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.32% / 80.00%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 15:50
Updated-16 Sep, 2024 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176266

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i2_analysts_notebookwindowsi2 Analysts Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1552
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.87% / 83.22%
||
7 Day CHG~0.00%
Published-02 Nov, 2018 | 15:00
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious file and tricking a victim to run it, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 142889.

Action-Not Available
Vendor-IBM Corporation
Product-robotic_process_automation_with_automation_anywhereRobotic Process Automation with Automation Anywhere
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-4721
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.23%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 15:50
Updated-16 Sep, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868.

Action-Not Available
Vendor-IBM Corporation
Product-i2_analysts_notebooki2 Analyst Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-4723
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.52%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 15:50
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873.

Action-Not Available
Vendor-IBM Corporation
Product-i2_analysts_notebooki2 Analyst Notebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-0879
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-22.90% / 95.93%
||
7 Day CHG~0.00%
Published-21 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Taskmaster Capture ActiveX control in IBM Datacap Taskmaster Capture 8.0.1, and 8.1 before FP2, allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-datacap_taskmaster_capturen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-0455
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.3||HIGH
EPSS-4.91% / 89.65%
||
7 Day CHG+0.16%
Published-16 Apr, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402.

Action-Not Available
Vendor-n/aCanonical Ltd.IBM CorporationOracle CorporationMicrosoft Corporation
Product-ubuntu_linuxjdkjreforms_viewerwindowsn/a
CVE-2014-0461
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.3||HIGH
EPSS-10.19% / 93.16%
||
7 Day CHG+0.14%
Published-16 Apr, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aCanonical Ltd.IBM CorporationOracle CorporationMicrosoft CorporationDebian GNU/Linux
Product-debian_linuxubuntu_linuxjdkjreforms_viewerwindowsn/a
CVE-2013-6724
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-4.54% / 89.22%
||
7 Day CHG~0.00%
Published-01 Feb, 2014 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value.

Action-Not Available
Vendor-n/aIBM Corporation
Product-spss_samplepowern/a
CVE-2013-5456
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-1.80% / 82.91%
||
7 Day CHG~0.00%
Published-24 Nov, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-5458
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-5.61% / 90.36%
||
7 Day CHG~0.00%
Published-24 Nov, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-5457
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-6.26% / 90.97%
||
7 Day CHG~0.00%
Published-24 Nov, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-5369
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-8.92% / 92.61%
||
7 Day CHG~0.00%
Published-16 Sep, 2013 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.

Action-Not Available
Vendor-n/aIBM Corporation
Product-spss_analytical_decision_managementn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-3008
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-3.54% / 87.72%
||
7 Day CHG~0.00%
Published-23 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-3012
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-7.45% / 91.79%
||
7 Day CHG~0.00%
Published-23 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-3027
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-3.46% / 87.58%
||
7 Day CHG-0.94%
Published-09 Aug, 2013 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2013-3009
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-4.35% / 88.98%
||
7 Day CHG~0.00%
Published-23 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-3010
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-3.54% / 87.72%
||
7 Day CHG~0.00%
Published-23 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CVE-2013-0600
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-0.21% / 42.96%
||
7 Day CHG~0.00%
Published-09 May, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_datapower_xc10_appliancewebsphere_datapower_xc10_appliance_firmwaren/a
CVE-2013-0501
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-0.77% / 73.67%
||
7 Day CHG~0.00%
Published-12 Apr, 2013 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client machine and execute this program, via a crafted web site.

Action-Not Available
Vendor-n/aIBM Corporation
Product-cognos_disclosure_managementn/a
CVE-2012-5937
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-1.53% / 81.41%
||
7 Day CHG~0.00%
Published-12 Apr, 2013 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-sterling_b2b_integratorsterling_integratorsterling_file_gatewaygentran_integration_suiten/a
CVE-2012-6349
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-6.33% / 91.03%
||
7 Day CHG~0.00%
Published-18 Jul, 2013 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyview_idollotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1217
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.42% / 87.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2008 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_notesn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-38873
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.30% / 53.61%
||
7 Day CHG~0.00%
Published-24 Nov, 2021 | 16:15
Updated-17 Sep, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.

Action-Not Available
Vendor-IBM Corporation
Product-planning_analyticsPlanning Analytics
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2008-1101
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-23.46% / 96.00%
||
7 Day CHG~0.00%
Published-10 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyviewlotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0066
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-27.08% / 96.40%
||
7 Day CHG~0.00%
Published-10 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyviewlotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5406
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-25.81% / 96.29%
||
7 Day CHG~0.00%
Published-10 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

Action-Not Available
Vendor-autonomyn/aSymantec CorporationIBM Corporation
Product-mail_securitykeyviewlotus_notesn/a
CVE-2007-5910
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-30.96% / 96.77%
||
7 Day CHG~0.00%
Published-10 Nov, 2007 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

Action-Not Available
Vendor-activepdfautonomyn/aSymantec CorporationIBM Corporation
Product-mail_securitykeyview_viewer_sdkdocconverterkeyview_export_sdklotus_noteskeyview_filter_sdkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5909
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-25.87% / 96.29%
||
7 Day CHG~0.00%
Published-10 Nov, 2007 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

Action-Not Available
Vendor-activepdfautonomyn/aSymantec CorporationIBM Corporation
Product-mail_securitykeyview_viewer_sdkdocconverterkeyview_export_sdklotus_noteskeyview_filter_sdkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5399
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-27.46% / 96.44%
||
7 Day CHG~0.00%
Published-10 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyviewlotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4474
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-87.30% / 99.46%
||
7 Day CHG~0.00%
Published-27 Dec, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

Action-Not Available
Vendor-n/aIBM Corporation
Product-domino_web_accesslotus_domino_web_accessn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-5945
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-18.99% / 95.35%
||
7 Day CHG~0.00%
Published-30 Apr, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long (1) ComboList or (2) ColComboList property value.

Action-Not Available
Vendor-n/aIBM Corporation
Product-spss_samplepowern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-5946
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-66.17% / 98.54%
||
7 Day CHG~0.00%
Published-30 Apr, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string.

Action-Not Available
Vendor-n/aIBM Corporation
Product-spss_samplepowern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3062
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-7.35% / 91.73%
||
7 Day CHG~0.00%
Published-27 Sep, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-qradar_security_information_and_event_managern/a
CVE-2012-4858
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-2.00% / 83.75%
||
7 Day CHG~0.00%
Published-02 Mar, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 does not properly validate Java serialized input, which allows remote attackers to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-cognos_business_intelligencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4822
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-12.00% / 93.81%
||
7 Day CHG+0.72%
Published-11 Jan, 2013 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

Action-Not Available
Vendor-tivoli_storage_productivity_centern/aIBM Corporation
Product-rational_change5.0lotus_dominolotus_notes_sametime5.1.15.1websphere_real_timetivoli_remote_controlrational_host_on-demandsmart_analytics_system_5600_softwaretivoli_monitoringsmart_analytics_system_5600javalotus_notesservice_delivery_managerlotus_notes_travelern/a
CVE-2007-3960
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-0.77% / 73.66%
||
7 Day CHG~0.00%
Published-24 Jul, 2007 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213).

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2014-6140
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-9.34% / 92.79%
||
7 Day CHG~0.00%
Published-06 Dec, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote attackers to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enrollment and Apple iOS Management Extender, (2) Self-service portal, (3) Trusted Services provider, or (4) Admin Portal.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_endpoint_manager_mobile_device_managementn/a
CVE-2007-3831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-5.27% / 90.04%
||
7 Day CHG~0.00%
Published-17 Jul, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Action-Not Available
Vendor-n/aIBM Corporation
Product-proventia_network_ips_gx5008proventia_network_ips_gx5108n/a
CVE-2014-6119
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-9.3||HIGH
EPSS-9.94% / 93.05%
||
7 Day CHG~0.00%
Published-23 Dec, 2014 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive.

Action-Not Available
Vendor-n/aIBM Corporation
Product-security_appscansecurity_appscan_sourcen/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-6706
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.91% / 88.34%
||
7 Day CHG~0.00%
Published-09 Mar, 2008 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_notesn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-0068
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.84% / 83.05%
||
7 Day CHG~0.00%
Published-06 Jun, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2007-6020
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-34.74% / 97.04%
||
7 Day CHG~0.00%
Published-10 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

Action-Not Available
Vendor-activepdfautonomyn/aSymantec CorporationIBM Corporation
Product-mail_securitykeyviewdocconvertermail_security_appliancelotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found