Ibm Pureapplication System — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Pureapplication System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2015-0235 — CVSS 10.0 (critical): Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows…
CVE-2014-6158 — CVSS 9.0 (critical): Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1…
CVE-2019-4224 — CVSS 8.8 (high): IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL…
CVE-2019-4241 — CVSS 7.8 (high): IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain…
CVE-2019-4235 — CVSS 7.5 (high): IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong passwords by default, which makes it…
CVE-2014-0960 — CVSS 6.6 (medium): IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access…
CVE-2019-4225 — CVSS 4.4 (medium): IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local…
CVE-2019-4234 — CVSS 4.3 (medium): IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by…