Latest high severity vulnerabilities for "ibm watson query with cloud pak for data as a service"

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

high

8.8

First published (updated )

CVE-2022-0512

redhat/rh-sso7-keycloakA flaw was found in the json5 package. The affected version of the json5 package could allow an atta…

high

8.8

First published (updated )

CVE-2022-46175

IBM Data Virtualization on Cloud Pak for DataUse After Free

high

8.8

First published (updated )

CVE-2018-19827

IBM Data Virtualization on Cloud Pak for DataNull Pointer Dereference

high

8.8

First published (updated )

CVE-2018-11694

IBM Data Virtualization on Cloud Pak for DataLinkedIn dustjs prototype pollution

high

8.8

First published (updated )

CVE-2021-4264

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataSnowflake JDBC vulnerable to command injection via SSO URL authentication

high

8.8

First published (updated )

CVE-2023-30535

IBM Data Virtualization on Cloud Pak for DataInefficient Regular Expression Complexity in get-func-name

high

8.6

First published (updated )

CVE-2023-43646

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow

high

8.6

First published (updated )

CVE-2020-10878

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL related to the Connectors Connector/J component could a…

high

8.5

First published (updated )

CVE-2017-3523

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could a…

high

8.3

First published (updated )

CVE-2023-22102

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow, Buffer Overflow

high

8.2

First published (updated )

CVE-2020-10543

IBM Data Virtualization on Cloud Pak for DataCritical vulnerability found in cron-utils

high

8.1

First published (updated )

CVE-2020-26238

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle E-Business Suite related to the Oracle Payables component cou…

high

8.1

First published (updated )

CVE-2021-2259

IBM Data Virtualization on Cloud Pak for DataAn issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found…

high

8.1

First published (updated )

CVE-2018-11698

IBM Data Virtualization on Cloud Pak for DataA vulnerability was found in the async package. This flaw allows a malicious user to obtain privileg…

high

7.8

First published (updated )

CVE-2021-43138

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

redhat/kernelBuffer Overflow

high

7.8

First published (updated )

CVE-2022-2964

Apple iOS, iPadOS, and watchOSDouble Free, Input Validation, Race Condition, Integer Overflow

high

7.8

First published (updated )

CVE-2022-40304

Linux kernelLast updated 18 February 2025

high

7.8

First published (updated )

CVE-2022-4139

IBM Data Virtualization on Cloud Pak for DataIBM Db2 denial of service

high

7.5

First published (updated )

CVE-2023-45193

IBM Data Virtualization on Cloud Pak for DataIBM Db2 information disclosure

high

7.5

First published (updated )

CVE-2023-47152

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataInfinite loop in JSON unmarshaling in google.golang.org/protobuf

high

7.5

EPSS

0.04%

First published (updated )

CVE-2024-24786

NetApp Baseboard Management Controller FirmwareApache OpenOffice: "Use after free" fixed in libexpat

high

7.5

First published (updated )

CVE-2022-43680

IBM Data Virtualization on Cloud Pak for DataAsync <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) whi…

high

7.5

First published (updated )

CVE-2024-39249

IBM Data Virtualization on Cloud Pak for DataLimited directory traversal vulnerability on Windows in golang.org/x/crypto

high

7.5

First published (updated )

CVE-2022-30636

IBM Data Virtualization on Cloud Pak for DataCertifi removes GLOBALTRUST root certificate

high

7.5

First published (updated )

CVE-2024-39689

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataCross-site Scripting in Prism

high

7.5

First published (updated )

CVE-2022-23647

RubyFailure to strip relative path components in net/url

high

7.5

First published (updated )

CVE-2022-32190

redhat/golangLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2022-27664

IBM Data Virtualization on Cloud Pak for DataBuffer Overflow

high

7.5

First published (updated )

CVE-2022-40153

IBM Data Virtualization on Cloud Pak for DataGo through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted P…

high

7.5

First published (updated )

CVE-2021-33194

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Versions

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

redhat/rh-sso7-keycloakA flaw was found in the json5 package. The affected version of the json5 package could allow an atta…

IBM Data Virtualization on Cloud Pak for DataUse After Free

IBM Data Virtualization on Cloud Pak for DataNull Pointer Dereference

IBM Data Virtualization on Cloud Pak for DataLinkedIn dustjs prototype pollution

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataSnowflake JDBC vulnerable to command injection via SSO URL authentication

IBM Data Virtualization on Cloud Pak for DataInefficient Regular Expression Complexity in get-func-name

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL related to the Connectors Connector/J component could a…

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could a…

Never miss a vulnerability like this again

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow, Buffer Overflow

IBM Data Virtualization on Cloud Pak for DataCritical vulnerability found in cron-utils

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle E-Business Suite related to the Oracle Payables component cou…

IBM Data Virtualization on Cloud Pak for DataAn issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found…

IBM Data Virtualization on Cloud Pak for DataA vulnerability was found in the async package. This flaw allows a malicious user to obtain privileg…

Never miss a vulnerability like this again

redhat/kernelBuffer Overflow

Apple iOS, iPadOS, and watchOSDouble Free, Input Validation, Race Condition, Integer Overflow

Linux kernelLast updated 18 February 2025

IBM Data Virtualization on Cloud Pak for DataIBM Db2 denial of service

IBM Data Virtualization on Cloud Pak for DataIBM Db2 information disclosure

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataInfinite loop in JSON unmarshaling in google.golang.org/protobuf

NetApp Baseboard Management Controller FirmwareApache OpenOffice: "Use after free" fixed in libexpat

IBM Data Virtualization on Cloud Pak for DataAsync <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) whi…

IBM Data Virtualization on Cloud Pak for DataLimited directory traversal vulnerability on Windows in golang.org/x/crypto

IBM Data Virtualization on Cloud Pak for DataCertifi removes GLOBALTRUST root certificate

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataCross-site Scripting in Prism

RubyFailure to strip relative path components in net/url

redhat/golangLast updated 24 July 2024

IBM Data Virtualization on Cloud Pak for DataBuffer Overflow

IBM Data Virtualization on Cloud Pak for DataGo through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted P…

Never miss a vulnerability like this again

Company

Resources

Contact

Versions

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

redhat/rh-sso7-keycloakA flaw was found in the json5 package. The affected version of the json5 package could allow an atta…

IBM Data Virtualization on Cloud Pak for DataUse After Free

IBM Data Virtualization on Cloud Pak for DataNull Pointer Dereference

IBM Data Virtualization on Cloud Pak for DataLinkedIn dustjs prototype pollution

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataSnowflake JDBC vulnerable to command injection via SSO URL authentication

IBM Data Virtualization on Cloud Pak for DataInefficient Regular Expression Complexity in get-func-name

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL related to the Connectors Connector/J component could a…

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could a…

Never miss a vulnerability like this again

Oracle Communications EAGLE local number portability Application ProcessorInteger Overflow, Buffer Overflow

IBM Data Virtualization on Cloud Pak for DataCritical vulnerability found in cron-utils

IBM Data Virtualization on Cloud Pak for DataAn unspecified vulnerability in Oracle E-Business Suite related to the Oracle Payables component cou…

IBM Data Virtualization on Cloud Pak for DataAn issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found…

IBM Data Virtualization on Cloud Pak for DataA vulnerability was found in the async package. This flaw allows a malicious user to obtain privileg…

Never miss a vulnerability like this again

redhat/kernelBuffer Overflow

Apple iOS, iPadOS, and watchOSDouble Free, Input Validation, Race Condition, Integer Overflow

Linux kernelLast updated 18 February 2025

IBM Data Virtualization on Cloud Pak for DataIBM Db2 denial of service

IBM Data Virtualization on Cloud Pak for DataIBM Db2 information disclosure

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataInfinite loop in JSON unmarshaling in google.golang.org/protobuf

NetApp Baseboard Management Controller FirmwareApache OpenOffice: "Use after free" fixed in libexpat

IBM Data Virtualization on Cloud Pak for DataAsync &lt;= 2.6.4 and &lt;= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) whi…

IBM Data Virtualization on Cloud Pak for DataLimited directory traversal vulnerability on Windows in golang.org/x/crypto

IBM Data Virtualization on Cloud Pak for DataCertifi removes GLOBALTRUST root certificate

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataCross-site Scripting in Prism

RubyFailure to strip relative path components in net/url

redhat/golangLast updated 24 July 2024

IBM Data Virtualization on Cloud Pak for DataBuffer Overflow

IBM Data Virtualization on Cloud Pak for DataGo through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted P…

Never miss a vulnerability like this again

Company

Resources

Contact

IBM Data Virtualization on Cloud Pak for DataAsync <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) whi…