cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-38264,https://securityvulnerability.io/vulnerability/CVE-2023-38264,IBM SDK Vulnerable to Denial of Service Attack,"The IBM SDK, Java Technology Edition, specifically in its Object Request Broker (ORB) components across various versions, is susceptible to denial of service attacks under certain conditions. This vulnerability arises from improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters, potentially allowing attackers to exploit this flaw and disrupt service availability. Immediate attention and remediation are recommended to mitigate risks associated with this vulnerability.",IBM,"Sdk, Java Technology Edition",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-14T13:21:00.000Z,0
CVE-2022-40609,https://securityvulnerability.io/vulnerability/CVE-2022-40609,"IBM SDK, Java Technology Edition code execution","The IBM SDK, Java Technology Edition versions 7.1.5.18 and 8.0.8.0 are vulnerable due to an unsafe deserialization flaw that could enable a remote attacker to execute arbitrary code on the affected system. By sending specifically crafted data to the application, the attacker can manipulate the deserialization process, potentially leading to unauthorized access and control over the system. Organizations using these versions should take immediate action to apply the necessary patches to mitigate the risks associated with this vulnerability.",IBM,"Sdk, Java Technology Edition",8.1,HIGH,0.004679999779909849,false,,false,false,false,,,false,false,,2023-08-02T14:21:51.701Z,0
CVE-2018-1517,https://securityvulnerability.io/vulnerability/CVE-2018-1517,,"A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.",IBM,"Sdk, Java Technology Edition",5.9,MEDIUM,0.023499999195337296,false,,false,false,false,,,false,false,,2018-08-20T21:29:00.000Z,0
CVE-2018-1656,https://securityvulnerability.io/vulnerability/CVE-2018-1656,,"The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.",IBM,"Sdk, Java Technology Edition",7.4,HIGH,0.014030000194907188,false,,false,false,false,,,false,false,,2018-08-20T21:29:00.000Z,0
CVE-2018-1417,https://securityvulnerability.io/vulnerability/CVE-2018-1417,,"Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.",IBM,"Sdk, Java Technology Edition",8.1,HIGH,0.021150000393390656,false,,false,false,false,,,false,false,,2018-02-22T19:29:00.000Z,0