VYPR

Spss Statistics

by IBM

CVEs (6)

  • CVE-2015-7489HigJan 1, 2016
    risk 0.51cvss 7.8epss 0.00

    IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.

  • CVE-2015-8530MedMay 14, 2016
    risk 0.42cvss 6.5epss 0.02

    Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users…

  • CVE-2022-43855MedMar 8, 2024
    risk 0.40cvss 6.2epss 0.00

    IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.

  • CVE-2024-31896MedMar 25, 2025
    risk 0.38cvss 5.9epss 0.00

    IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

  • CVE-2021-38959MedNov 17, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046.

  • CVE-2015-0140May 25, 2015
    risk 0.00cvss epss 0.02

    An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document.