cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-27267,https://securityvulnerability.io/vulnerability/CVE-2024-27267,Remote Denial of Service in IBM SDK Java Technology Edition,"The Object Request Broker (ORB) within IBM SDK, Java Technology Edition versions 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is susceptible to a remote denial of service attack. This vulnerability arises from a race condition in the management of ORB listener threads, which may allow an attacker to disrupt service availability remotely. Organizations using the affected versions should implement appropriate mitigations and consider upgrading to secure versions.",IBM,Java Sdk,5.9,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-08-14T16:15:00.000Z,0
CVE-2023-38264,https://securityvulnerability.io/vulnerability/CVE-2023-38264,IBM SDK Vulnerable to Denial of Service Attack,"The IBM SDK, Java Technology Edition, specifically in its Object Request Broker (ORB) components across various versions, is susceptible to denial of service attacks under certain conditions. This vulnerability arises from improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters, potentially allowing attackers to exploit this flaw and disrupt service availability. Immediate attention and remediation are recommended to mitigate risks associated with this vulnerability.",IBM,"Sdk, Java Technology Edition",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-14T13:21:00.000Z,0
CVE-2022-40609,https://securityvulnerability.io/vulnerability/CVE-2022-40609,"IBM SDK, Java Technology Edition code execution","The IBM SDK, Java Technology Edition versions 7.1.5.18 and 8.0.8.0 are vulnerable due to an unsafe deserialization flaw that could enable a remote attacker to execute arbitrary code on the affected system. By sending specifically crafted data to the application, the attacker can manipulate the deserialization process, potentially leading to unauthorized access and control over the system. Organizations using these versions should take immediate action to apply the necessary patches to mitigate the risks associated with this vulnerability.",IBM,"Sdk, Java Technology Edition",8.1,HIGH,0.004679999779909849,false,,false,false,false,,,false,false,,2023-08-02T14:21:51.701Z,0
CVE-2015-1931,https://securityvulnerability.io/vulnerability/CVE-2015-1931,Information Disclosure in IBM Java SDK Versions,"The IBM SDK, Java Technology Edition prior to specific service releases contains a vulnerability where it stores sensitive information as plaintext in memory dumps. This could potentially allow local users to access confidential data by reading files that should be protected. Affected versions include IBM Java SDK 8 (before SR1 FP10), 7 R1 (before SR3 FP10), 7 (before SR9 FP10), 6 R1 (before SR8 FP7), 6 (before SR16 FP7), and 5.0 (before SR16 FP13). Users are advised to update to the latest versions to mitigate risks associated with unauthorized information disclosure.",IBM,Java Sdk,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-29T03:15:00.000Z,0
CVE-2018-1517,https://securityvulnerability.io/vulnerability/CVE-2018-1517,,"A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.",IBM,"Sdk, Java Technology Edition",5.9,MEDIUM,0.023499999195337296,false,,false,false,false,,,false,false,,2018-08-20T21:29:00.000Z,0
CVE-2018-1656,https://securityvulnerability.io/vulnerability/CVE-2018-1656,,"The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.",IBM,"Sdk, Java Technology Edition",7.4,HIGH,0.014030000194907188,false,,false,false,false,,,false,false,,2018-08-20T21:29:00.000Z,0
CVE-2018-1417,https://securityvulnerability.io/vulnerability/CVE-2018-1417,,"Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.",IBM,"Sdk, Java Technology Edition",8.1,HIGH,0.021150000393390656,false,,false,false,false,,,false,false,,2018-02-22T19:29:00.000Z,0
CVE-2015-5041,https://securityvulnerability.io/vulnerability/CVE-2015-5041,,"The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.",IBM,Java Sdk,9.1,CRITICAL,0.01013999991118908,false,,false,false,false,,,false,false,,2016-06-06T17:00:00.000Z,0
CVE-2015-5006,https://securityvulnerability.io/vulnerability/CVE-2015-5006,,"IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.",IBM,"Java 2 Sdk,Java Sdk",,,0.0006099999882280827,false,,false,false,false,,,false,false,,2015-12-07T20:00:00.000Z,0
CVE-2014-8892,https://securityvulnerability.io/vulnerability/CVE-2014-8892,,"Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via unspecified vectors related to the security manager.",IBM,Java Sdk,,,0.008829999715089798,false,,false,false,false,,,false,false,,2015-03-06T23:00:00.000Z,0
CVE-2014-8891,https://securityvulnerability.io/vulnerability/CVE-2014-8891,,"Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager.",IBM,Java Sdk,,,0.06615000218153,false,,false,false,false,,,false,false,,2015-03-06T23:00:00.000Z,0
CVE-2014-0878,https://securityvulnerability.io/vulnerability/CVE-2014-0878,,"The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.",IBM,Java Sdk,,,0.003969999961555004,false,,false,false,false,,,false,false,,2014-05-26T19:00:00.000Z,0