Sdk

sdk

Vendor: Ibm • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-40609 1Ibm 1Sdk Nov 21, 2024 Aug 2, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could...Show more IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.Show less
CVE-2019-4732 1Ibm 2Sdk Websphere Application Server Nov 21, 2024 Feb 3, 2020 N/A· v4 6.5 MEDIUM· v3 6.9 MEDIUM· v2 IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL...Show more IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.Show less
CVE-2018-1890 1Ibm 1Sdk Nov 21, 2024 Mar 11, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
CVE-2018-1656 3Ibm OracleRedhat 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+3 more Nov 21, 2024 Aug 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files....Show more The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.Show less
CVE-2017-1289 1Ibm 1Sdk May 13, 2026 May 22, 2017 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memo...Show more IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.Show less
CVE-2016-3956 3Ibm NodejsNpmjs 3Node.js NpmSdk May 6, 2026 Jul 2, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTT...Show more The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.Show less