Latest vulnerabilities for "ibm cognos analytics" 12.0.0-12.0.2

5.4

First published (updated )

CVE-2024-25041

IBM Cognos Analytics improper certificate validation

5.9

First published (updated )

CVE-2024-25053

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrar…

9.8

First published (updated )

CVE-2017-20189

Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

6.6

First published (updated )

CVE-2023-46749

Last updated 11 November 2024

5.1

EPSS

0.04%

First published (updated )

CVE-2024-20945

Last updated 11 November 2024

5.9

EPSS

0.09%

First published (updated )

CVE-2024-20921

Last updated 11 November 2024

5.9

EPSS

0.05%

First published (updated )

CVE-2024-20919

Last updated 11 November 2024

5.9

EPSS

0.07%

First published (updated )

CVE-2024-20926

Use After Free

7.4

EPSS

0.08%

First published (updated )

CVE-2024-20952

Last updated 11 November 2024

7.4

EPSS

0.08%

First published (updated )

CVE-2024-20918

Ion Java StackOverflow vulnerability

7.5

EPSS

0.05%

First published (updated )

CVE-2024-21634

Input Validation

7.3

First published (updated )

CVE-2023-26159

Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.

7.4

First published (updated )

CVE-2023-46750

Eclipse OpenJ9 possible infinite busy hang

5.9

EPSS

0.04%

First published (updated )

CVE-2023-5676

Apache Santuario: Private Key disclosure in debug-log output

6.5

First published (updated )

CVE-2023-44483

Code Injection

5.3

First published (updated )

CVE-2023-39333

Node.js could allow a remote attacker to bypass security restrictions, caused by the circumvention o…

7.5

First published (updated )

CVE-2023-38552

Path Traversal

9.8

First published (updated )

CVE-2023-39332

Path Traversal, Input Validation

7.7

First published (updated )

CVE-2023-39331

Incorrect cipher key & IV length processing

7.5

EPSS

0.11%

First published (updated )

CVE-2023-5363

An unspecified vulnerability in Java SE related to the CORBA component could allow a remote attacker…

5.3

First published (updated )

CVE-2023-22067

An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker …

5.3

First published (updated )

CVE-2023-22081

vm2 Sandbox Escape vulnerability

First published (updated )

CVE-2023-37466

Sandbox Escape in vm2

First published (updated )

CVE-2023-37903

vercel ms index.js parse redos

5.3

First published (updated )

CVE-2017-20162

Buffer Overflow

7.8

First published (updated )

CVE-2022-3715

Inefficient Regular Expression Complexity in moment

7.5

First published (updated )

CVE-2022-31129

Encode could allow a local authenticated attacker to gain elevated privileges on the system, caused …

7.8

First published (updated )

CVE-2021-36770

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-…

9.8

First published (updated )

CVE-2021-20086

Arbitrary Code Injection

9.8

First published (updated )

CVE-2021-23358

XSS

6.5

First published (updated )

CVE-2021-3377

In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This …

8.8

First published (updated )

CVE-2018-9466

GNU C Library is vulnerable to a denial of service, caused by an error in the glob implementation. A…