Ibm: >> Spss Statistics Security Vulnerabilities
IBM SPSS StatisticsĀ 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-03-25
IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-08
IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046.
CVSS Score
6.2
EPSS Score
0.0
Published
2021-11-17
Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users to execute arbitrary code via a long argument.
CVSS Score
6.5
EPSS Score
0.013
Published
2016-05-14
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-01-01
An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document.
CVSS Score
6.8
EPSS Score
0.018
Published
2015-05-25