CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31896 – IBM SPSS Statistics information disclosure
https://notcve.org/view.php?id=CVE-2024-31896
25 Mar 2025 — IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7228971 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2021-38959
https://notcve.org/view.php?id=CVE-2021-38959
17 Nov 2021 — IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046. IBM SPSS Statistics para Windows versiones 24.0, 25.0, 26.0, 27.0, 27.0.1 y 28.0, podría permitir a un usuario local causar una denegación de servicio escribiendo archivos arbitrarios en directorios protegidos por el administrador del sistema. IBM X-Force ID: 212046 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212046 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2015-8530
https://notcve.org/view.php?id=CVE-2015-8530
14 May 2016 — Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users to execute arbitrary code via a long argument. Desbordamiento de buffer basado en pila en la función Initialize en un control ActiveX en IBM SPSS Statistics 19 y 20 en versiones anteriores a 20.0.0.2-IF0008, 21 en versiones anteriore... • http://www-01.ibm.com/support/docview.wss?uid=swg21982035 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7489
https://notcve.org/view.php?id=CVE-2015-7489
01 Jan 2016 — IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script. IBM SPSS Statistics 22.0.0.2 en versiones anteriores a IF10 y 23.0.0.2 en versiones anteriores a IF7 utiliza permisos débiles (Todos: Escribir) para secuencias de comandos Python, lo que permite a usuarios locales obtener privilegios modificando una secuencia de comandos. • http://www-01.ibm.com/support/docview.wss?uid=swg21973502 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-0140
https://notcve.org/view.php?id=CVE-2015-0140
25 May 2015 — An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document. Un control ActiveX no especificado en IBM SPSS Statistics 22.0 hasta FP1 en las plataformas de 32 bits permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML manipulado. • http://www-01.ibm.com/support/docview.wss?uid=swg21697746 •