Filter
AND

IBM Cognos Analytics9 vulnerabilities

First published (updated )
IBM-7149874

IBM Cognos Analytics log injection

high
8.6
First published (updated )
CVE-2024-25047

DoS Vulnerability in JSON-Java

high
7.5
First published (updated )
CVE-2023-5072

Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication

critical
9.1
First published (updated )
CVE-2023-44981

netty-handler SniHandler 16MB allocation

medium
6.5
First published (updated )
CVE-2023-34462

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

high
8.1
First published (updated )
CVE-2023-31484

jsonwebtoken unrestricted key type could lead to legacy keys usage

high
8.1
First published (updated )
CVE-2022-23539

jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

medium
6.3
First published (updated )
CVE-2022-23541

jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()

high
7.6
First published (updated )
CVE-2022-23540

urllib3 for python is vulnerable to a man-in-the-middle attack, caused by improper certificate valid…

medium
6.5
First published (updated )
CVE-2021-28363

IBM Cognos Analytics13 vulnerabilities

First published (updated )
IBM-7123154

IBM Cognos Analytics cross-site scripting

medium
5.4
First published (updated )
CVE-2023-43051

IBM Cognos Analytics Mobile Server denial of service

medium
6.5
First published (updated )
CVE-2022-34357

IBM Cognos Analytics cross-origin resource sharing

medium
5.3
First published (updated )
CVE-2023-30996

IBM Cognos Analytics cross-site scripting

medium
6.1
First published (updated )
CVE-2023-38359

IBM Cognos Analytics cross-site request forgery

medium
4.3
First published (updated )
CVE-2023-32344

Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

critical
9.8
First published (updated )
CVE-2023-39410

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to impro…

critical
9.8
First published (updated )
CVE-2023-26136

Excessive Resource Usage Verifying X.509 Policy Constraints

high
7.5
First published (updated )
CVE-2023-0464

Stack Overflow in Snakeyaml

medium
6.5
First published (updated )
CVE-2022-41854

AES OCB fails to encrypt some bytes

high
7.5
First published (updated )
CVE-2022-2097

An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated…

medium
5.3
First published (updated )
CVE-2022-21496

An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated…

medium
5.3
First published (updated )
CVE-2022-21299

Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by a flaw in th…

medium
6.5
First published (updated )
CVE-2021-28167

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203