Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product Sdk
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3956 3 Ibm, Nodejs, Npmjs 3 Sdk, Node.js, Npm 2021-06-15 5.0 MEDIUM 7.5 HIGH
The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.
CVE-2019-4732 2 Ibm, Microsoft 3 Sdk, Websphere Application Server, Windows 2020-02-06 6.9 MEDIUM 6.5 MEDIUM
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.
CVE-2018-1890 1 Ibm 1 Sdk 2019-10-09 4.6 MEDIUM 7.8 HIGH
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
CVE-2018-1656 3 Ibm, Oracle, Redhat 6 Sdk, Enterprise Manager Base Platform, Enterprise Linux Desktop and 3 more 2019-10-09 4.3 MEDIUM 6.5 MEDIUM
The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.
CVE-2017-1289 1 Ibm 1 Sdk 2018-01-04 6.4 MEDIUM 8.2 HIGH
IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.