CVE-2024-31896
- EPSS 0.01%
- Veröffentlicht 25.03.2025 18:58:38
- Zuletzt bearbeitet 18.08.2025 19:49:58
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVE-2022-43855
- EPSS 0.02%
- Veröffentlicht 08.03.2024 18:15:48
- Zuletzt bearbeitet 10.06.2025 20:15:21
IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.
CVE-2021-38959
- EPSS 0.04%
- Veröffentlicht 17.11.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:18:18
IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046.
CVE-2015-8530
- EPSS 1.27%
- Veröffentlicht 14.05.2016 15:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allow...
CVE-2015-7489
- EPSS 0.03%
- Veröffentlicht 01.01.2016 00:59:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.
CVE-2015-0140
- EPSS 1.83%
- Veröffentlicht 25.05.2015 14:59:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document.