51 matches found
CVE-2024-39752
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing...
EUVD-2024-38349
Malicious code in bioql PyPI...
EUVD-2024-35547
Malicious code in bioql PyPI...
EUVD-2024-54769
Malicious code in bioql PyPI...
EUVD-2024-54771
Malicious code in bioql PyPI...
EUVD-2024-54770
Malicious code in bioql PyPI...
Security Bulletin: Vulerability jetty-server affects IBM Integrated Analytics System
Summary The jetty-server component is used by IBM Integrated Analytics System for handling HTTP requests. A vulnerability was identified in the ThreadLimitHandler.getRemote method, where crafted requests can cause memory exhaustion and OutOfMemory errors. As this condition is unhandled, it may le...
Security Bulletin: Vulerability commons-io affects IBM Integrated Analytics System
Summary The commons-io library is used by IBM Integrated Analytics System for input/output processing. A vulnerability was identified in the org.apache.commons.io.input.XmlStreamReader class, where processing untrusted input could result in excessive CPU usage, potentially leading to a denial of...
The software’s vulnerability related to accessing analytics and planning tools in the IBM Analytics Content Hub allows unauthorized users to upload any type of files. This vulnerability enables attackers to upload arbitrary files.
The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to the ability to download files of a malicious nature without limitation. Exploiting this vulnerability could allow a malicious actor to download any files as desired...
CVE-2024-37524
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
CVE-2024-39752
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing...
CVE-2025-36090
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain information about the application framework which could be used in reconnaissance to gather information for future attacks from a detailed technical error message...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
CVE-2024-38327
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API...
CVE-2024-37524
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser...
CVE-2024-37524
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser...
CVE-2024-39752
IBM Analytics Content Hub 2.0–2.3 includes a vulnerability where uploaded files are not validated by type in Explore Content, enabling potential malicious executable uploads. The issue is documented with a high-severity CVSS indicating impact on confidentiality, integrity, and availability. Remed...
CVE-2024-39752 IBM Analytics Content Hub file upload
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing...
CVE-2024-39752 IBM Analytics Content Hub file upload
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing...