Lucene search
K

243 matches found

EUVD
EUVD
added 2026/04/02 3:31 a.m.7 views

EUVD-2026-18112

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/02 12:14 a.m.3 views

CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 12:14 a.m.25 views

CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.8 views

PT-2026-29656

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 9:12 a.m.4 views

Security Bulletin: IBM Content Navigator is affected by CVE-2026-1243, a Cross-Site Scripting (XSS) vulnerability

Summary IBM Content Navigator is affected by CVE-2026-1243, a Cross-Site Scripting XSS vulnerability that allows an authenticated user to embed arbitrary JavaScript into the Web UI. This could alter intended application behaviour and potentially lead to credentials disclosure within a trusted...

5.4CVSS5.5AI score0.00207EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 9:10 a.m.13 views

Security Bulletin: IBM Content Navigator is affected by Log4J

Summary IBM Content Navigator is affected by multiple vulnerabilities in Apache Log4j 1.x, a logging library that reached end of life in August 2015. These include multiple Deserialization of Untrusted Data flaws CVE-2019-17571, CVE-2021-4104, CVE-2022-23302, CVE-2022-23307, CVE-2023-26464 in...

9.8CVSS7.2AI score0.66537EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 9:4 a.m.6 views

Security Bulletin: IBM Content Navigator is affected by JDOM

Summary IBM Content Navigator is affected by CVE-2021-33813, an XML External Entity XXE injection vulnerability CWE-611 in the SAXBuilder component of the JDOM library through version 2.0.6. A remote attacker could exploit this via a crafted HTTP request to cause a denial of service condition. Th...

7.5CVSS6.8AI score0.19442EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 9:1 a.m.5 views

Security Bulletin: IBM Content Navigator is affect my Apache Xalan

Summary IBM Content Navigator is affected by CVE-2022-34169, a remote code execution vulnerability CWE-681 in the Apache Xalan Java XSLT library. An integer truncation flaw in the processing of XSLT stylesheets allows a remote attacker to supply a specially crafted stylesheet and execute arbitrar...

7.5CVSS7.7AI score0.17673EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/29 11:41 p.m.10 views

Security Bulletin: IBM Content Navigator is affected by Apache Xerces2

Summary IBM Content Navigator is affected by multiple vulnerabilities in the Apache Xerces2 Java XML parser library. CVE-2009-2625 and CVE-2022-23437 describe infinite loop conditions triggered by malformed XML input, leading to application hang or denial of service. CVE-2012-0881 allows CPU...

7.8CVSS6.7AI score0.3038EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.7 views

CVE-2023-40684

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS6AI score0.00368EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/23 3:50 p.m.10 views

Security Bulletin: IBM Content Navigator consumes vulnerable spring framework library

Summary Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions. A vulnerability where the fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive, but String.toLowerCase has Locale-dependent exceptions that could potentially result in...

5.3CVSS6.2AI score0.05666EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/23 11:13 a.m.10 views

Security Bulletin: IBM Content Navigator consumes vulnerable spring framework library

Summary Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions. The vulnerability involves another data bypass issue relaed to data binding field protection Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowerca...

5.3CVSS6.6AI score0.00631EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/21 10:25 p.m.9 views

Security Bulletin: Local File Inclusion (LFI) vulnerability in IBM Content Navigator

Summary A Local File Inclusion LFI vulnerability has been identified in IBM Content Navigator ICN, where an authenticated attacker can exploit an HTTPS request URL in a way that it will return content of any file from the server where ICN is running. Vulnerability Details CVEID:CVE-2025-27906...

5.3CVSS6.3AI score0.00279EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/10/14 3:16 p.m.5 views

CVE-2025-27906

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified...

5.3CVSS0.00279EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 2:8 p.m.19 views

CVE-2025-27906

Summary: CVE-2025-27906 affects IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0, exposing a directory listing via an application URL. The IBM bulletin confirms an LFI-style exposure where an authenticated attacker can view file and folder names in the server’s browser, but cannot read or m...

5.3CVSS6.1AI score0.00279EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/14 2:8 p.m.8 views

CVE-2025-27906 IBM Content Navigator information disclosure

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified...

5.3CVSS0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 2:8 p.m.3 views

CVE-2025-27906 IBM Content Navigator information disclosure

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified...

5.3CVSS6.1AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0904

Malware in sbrugna...

3.5CVSS6.4AI score0.01429EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-1993

Malware in sbrugna...

3.5CVSS6.4AI score0.00783EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25934

Malware in sbrugna...

4.3CVSS4.9AI score0.01046EPSS
Exploits0References3
Rows per page
Query Builder