CVE-2026-4788

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user...

CVE-2026-4788

IBM Tivoli Netcool Impact contains a CVE-2026-4788 vulnerability where sensitive information is stored in log files. Affected product: IBM Tivoli Netcool Impact versions 7.1.0.0 through 7.1.0.37. The issue is addressed by upgrading to 7.1.0.38 Fix Pack 38 or later (7.1.0.38) per the IBM security ...

Infodraw Media Relay Service 安全漏洞

Infodraw Media Relay Service is a multimedia service from Infodraw. A security vulnerability exists in Infodraw Media Relay Service version 7.1.0.0, which originates from directory traversal and could lead to credential disclosure...

CVE-2023-38264

CVE-2023-38264 affects IBM SDK, Java Technology Edition ORB (7.1.0.0–7.1.5.21 and 8.0.0.0–8.0.8.21) due to improper enforcement of JEP 290 MaxRef and MaxDepth deserialization filters, enabling potential denial-of-service through unsafe deserialization. The Connected IBM advisories confirm multipl...

Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to cross-site scripting ( CVE-2022-46771 )

Summary IBM UrbanCode Deploy UCD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details...

Security Bulletin: Potential DOS due to weak IPv4 and IPv6 sequence numbers in SAN Volume Controller and Storwize Family (CVE-2011-3188)

Summary Potential DOS due to weak IPv4 and IPv6 sequence numbers Vulnerability Details CVEID: CVE-2011-3188 DESCRIPTION: The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes i...

CVE-2022-35716

IBM UrbanCode Deploy UCD 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. IBM X-Force ID: 231360...

Security Bulletin: IBM Db2 Big SQL is vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-45046, CVE-2021-45105)

Summary Apache Log4j is used by IBM Db2 Big SQL as part of its logging infrastructure. IBM Db2 Big SQL is vulnerable to arbitrary code execution and denial of service due to Apache Log4j CVE-2021-45046, CVE-2021-45105. The fix includes Apache Log4j 2.17.1 Vulnerability Details CVEID: CVE-2021-451...

Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache HttpClient vulnerability (CVE-2020-13956)

Summary IBM Tivoli Netcool Impact has addressed the following Apache HttpClient vulnerability. Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component...

CVE-2020-4849

CVE-2020-4849 affects IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7. The issue is a reverse tabnabbing flaw that could allow a remote attacker to bypass security restrictions and direct a victim to a phishing site. IBM references remediation: upgrade to 7.1.0.20 (FP20). Connect...

IBM Tivoli Netcool Impact Cross-Site Request Forgery Vulnerability (CNVD-2020-20673)

IBM Tivoli Netcool Impact is a suite of network management software from IBM in the United States. The software has the ability to automate business-critical functions and provide a platform that provides unified access to real-time data, events and indicators. A cross-site request forgery...

IBM Tivoli Netcool Impact Cross-Site Scripting Vulnerability (CNVD-2020-20671)

IBM Tivoli Netcool Impact is a suite of network management software from IBM in the United States. The software has the ability to automate business-critical functions and provide a platform that provides unified access to real-time data, events and indicators. A cross-site scripting vulnerabilit...

CVE-2020-4235

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...

Cross site request forgery (csrf)

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175411...

CVE-2020-4239

IBM Tivoli Netcool Impact 7.1.0.0–7.1.0.17 is affected by CVE-2020-4239, a remote information-disclosure flaw where detailed browser error messages reveal sensitive data. Root cause: information leakage through verbose errors. Impact: potential exposure of confidential information. Remediation: u...

CVE-2020-4237

The CVE-2020-4237 issue affects IBM Tivoli Netcool Impact 7.1.0.0–7.1.0.17, where a cross-site request forgery (CSRF) vulnerability could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The IBM security bulletin notes the remediation is to upgrade to vers...

CVE-2020-4237

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175410...

CVE-2020-4236

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. IBM X-Force ID: 175409...

IBM Tivoli Netcool Impact Cross-Site Request Forgery Vulnerability

IBM Tivoli Netcool Impact is a suite of network management software from IBM in the United States. The software has the ability to automate business-critical functions and provide a platform that provides unified access to real-time data, events and indicators. A cross-site request forgery...

CVE-2019-4569

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...