Security Bulletin: IBM InfoSphere Information Server is vulnerable due to sensitive information written to a log file (CVE-2026-1265)

Summary A vulnerability due to sensitive information written to a log file in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-1265 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to writing of sensitive Information in a log file. CWE:CWE-532:...

CVE-2026-1265

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file...

CVE-2026-1265

IBM InfoSphere Information Server versions 11.7.0.0–11.7.1.6 are affected by CVE-2026-1265 due to sensitive information written to a log file (CWE-532). The IBM security bulletin (DT457493) and related postings confirm the vulnerability and provide remediation: upgrade to 11.7.1.0 or apply the se...

EUVD-2026-1265

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tablecurrency' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-1265

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The condition allows for a privileged attacker, under certain conditions, to obtain session tokens from...

CVE-2020-1265

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306,...

CVE-2025-1265

CVE-2025-1265 affects Vinci Protocol Analyzer. The vulnerability is an OS command injection in the analyzer that could allow an attacker to escalate privileges and execute code on the affected system. CVSS metrics in the CVE entry indicate a critical severity (CVSSv4.0 base score 9.4; CVSSv3.1 ba...

CVE-2025-1265

creationtimestamp| type| source ---|---|--- 2025-02-20 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-06 2025-02-20 20:56:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lin6hwoy3v2r 2025-02-20 21:17:54+00:00| seen|...

CVE-2013-1265

creationtimestamp| type| source ---|---|--- 2025-01-16 20:55:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2034...

RHSA-2024:1265

creationtimestamp| type| source ---|---|--- 2024-03-20 03:16:33+00:00| seen| https://t.me/ctinow/212081...

CVE-2024-1265

creationtimestamp| type| source ---|---|--- 2024-02-07 01:26:42+00:00| seen| https://t.me/ctinow/180454 2024-02-14 21:16:37+00:00| seen| https://t.me/ctinow/185020 2024-03-01 09:11:19+00:00| seen| https://t.me/ctinow/197406...

CVE-2024-1265

CVE-2024-1265 affects CodeAstro University Management System 1.0, specifically the Attendance Management component. The vulnerability resides in the /att_add.php file where manipulating the “Student Name” argument triggers cross-site scripting. It can be exploited remotely and exploitation has be...

CVE-2023-1265

creationtimestamp| type| source ---|---|--- 2023-05-04 00:32:13+00:00| seen| https://t.me/cibsecurity/63251...

CVE-2023-1265

CVE-2023-1265 affects GitLab installations with the following vulnerable ranges: 11.9–15.9.6, 15.10–15.10.5, and 15.11–15.11.1. The issue enables a privileged attacker, under certain conditions, to obtain session tokens for all users on a GitLab instance. The provided documents do not specify the...

CVE-2023-1265

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The condition allows for a privileged attacker, under certain conditions, to obtain session tokens from...

SUSE CVE-2009-0795

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult CVE-2009-0796 and CVE-2009-1265 to determine which ID is appropriate. Al...

CVE-2022-1265 BulletProof Security < 6.1 - Admin+ Stored Cross-Site Scripting

The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2022-1265

CVE-2022-1265 affects the BulletProof Security WordPress plugin prior to 6.1. The vulnerability arises from insufficient sanitization/escaping of CAPTCHA settings, allowing high-privileged (Admin+) users to perform stored XSS even when unfiltered_html is disallowed. Impact is client-side JavaScri...

Mageia: Security Advisory (MGASA-2015-0235)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities fixed in Nitro Pro PDF

Vulnerabilities have been fixed in Nitro Pro PDF. The vulnerabilities allow an unauthenticated remote malicious person to opportunity to execute arbitrary code under the privileges of the application. To do this, the malicious agent must trick the victim to open a malicious file. Nitro Software...