Skip to main content
CVE-2015-0545 CRITICAL Act Now

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Java Unisphere
NVD
CVSS 2.0
10.0
EPSS
6.2%
CVE-2015-1900 HIGH PATCH This Week

IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

IBM Privilege Escalation Infosphere Datastage
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-0196 MEDIUM PATCH This Month

CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Code Injection Websphere Commerce
NVD
CVSS 2.0
5.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy