Lucene search
K

27 matches found

Positive Technologies
Positive Technologies
•added 2026/03/25 12:0 a.m.•12 views

PT-2026-28114

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
•added 2025/10/07 12:30 a.m.•5 views

EUVD-2015-2005

Malware in sbrugna...

7.2CVSS6.4AI score0.0036EPSS
Exploits0References4
EUVD
EUVD
•added 2025/10/07 12:30 a.m.•5 views

EUVD-2016-9825

Malware in sbrugna...

6.1CVSS6.3AI score0.01146EPSS
Exploits0References4
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•12 views

EUVD-2023-27572

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-44020

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0181EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2025/06/28 3:17 p.m.•8 views

CVE-2025-36034

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...

5.9CVSS6.6AI score0.00141EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/06/26 3:42 p.m.•7 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable due to cleartext transmission of sensitive information (CVE-2025-36034)

Summary A disclosure of sensitive information vulnerability in InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2025-36034 DESCRIPTION: IBM InfoSphere DataStage Flow Designer discloses sensitive user information in API requests in clear text that could be...

5.9CVSS6.4AI score0.00141EPSS
Exploits0Affected Software1
CVE
CVE
•added 2025/06/26 3:14 p.m.•28 views

CVE-2025-36034

CVE-2025-36034 affects IBM InfoSphere DataStage Flow Designer within IBM InfoSphere Information Server 11.7. The issue causes cleartext transmission of sensitive user information in API requests, enabling potential disclosure via man-in-the-middle. The IBM security bulletin cites CWE-319 and list...

5.9CVSS6.5AI score0.00141EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/06/01 12:19 a.m.•18 views

Security Bulletin: IBM InfoSphere DataStage is vulnerable due to cleartext storage of sensitive information (CVE-2025-1499)

Summary A vulnerability due to cleartext storage of sensitive information in IBM InfoSphere DataStage was addressed. Vulnerability Details CVEID:CVE-2025-1499 DESCRIPTION: IBM InfoSphere DataStage stores credential information for database authentication in a cleartext parameter file that could b...

6.5CVSS6.6AI score0.00182EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/23 6:48 p.m.•16 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable due to cleartext transmission of sensitive information (CVE-2025-25046)

Summary A sensitive information disclosure vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2025-25046 DESCRIPTION: IBM InfoSphere DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an...

3.7CVSS6.3AI score0.00144EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2025/04/15 3:14 a.m.•34 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is affected by a path traversal vulnerability (CVE-2024-52363)

Summary A path traversal vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2024-52363 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted...

7.5CVSS6.6AI score0.0059EPSS
Exploits0Affected Software1
CNVD
CNVD
•added 2025/03/19 12:0 a.m.•6 views

IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer Unspecified Vulnerability (CNVD-2025-05561)

IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...

6.5CVSS6.3AI score0.00336EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/05/17 7:9 p.m.•40 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is affected by an information disclosure vulnerability (CVE-2023-23472)

Summary An information disclosure vulnerability in InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2023-23472 DESCRIPTION: IBM InfoSphere DataStage Flow Designer could allow an authenticated user to obtain sensitive information that could aid in further attacks...

6.5CVSS5.5AI score0.00336EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/04/20 5:49 p.m.•42 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable to Server-Side Request Forgery

Summary A Server-Side Request Forgery vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2021-29738 DESCRIPTION: IBM InfoSphere Data Flow Designer is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to sen...

5.5CVSS5.3AI score0.00467EPSS
Exploits0Affected Software1
CNVD
CNVD
•added 2021/11/02 12:0 a.m.•8 views

IBM InfoSphere DataStage Flow Designer Trust Management Issue Vulnerability

Ibm InfoSphere DataStage Flow Designer is a Web-based data stage flow designer from Ibm, Inc. A security vulnerability exists in Ibm InfoSphere DataStage Flow Designer that stems from an error in the validation of REST API server credentials by the IBM InfoSphere DataStage Flow Designer engine...

7.5CVSS6.6AI score0.00671EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/05/14 7:56 p.m.•28 views

Security Bulletin: IBM InfoSphere DataStage is affected by an Information disclosure vulnerability

Summary An Information disclosure vulnerability in IBM InfoSphere DataStage was addressed. Vulnerability Details CVEID: CVE-2021-29747 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication...

7.5CVSS0.2AI score0.01918EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/07/12 12:16 a.m.•65 views

Security Bulletin: Multiple vulnerabilities in Jackson-databind affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in Jackson-databind were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-5968 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By...

9.8CVSS2AI score0.49727EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 2:7 p.m.•33 views

Security Bulletin: Multiple vulnerabilities in Open Source Apache WSS4J affect IBM InfoSphere DataStage Web services pack (CVE-2015-0226 CVE-2015-0227)

Summary There are multiple vulnerabilities in Open Source Apache WSS4J that is used by IBM InfoSphere DataStage Web services pack. Vulnerability Details CVE-ID: CVE-2015-0226 DESCRIPTION : Apache WSS4J could allow a remote attacker to obtain sensitive information, caused by Bleichenbacher's attac...

7.5CVSS6.6AI score0.07543EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2018/06/16 1:44 p.m.•20 views

Security Bulletin: IBM InfoSphere DataStage is vulnerable to Cross-Frame Scripting issue (CVE-2016-9000)

Summary IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. Vulnerability Details CVEID: CVE-2016-9000 DESCRIPTION: IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote...

6.1CVSS0.9AI score0.01146EPSS
Exploits0Affected Software1
0day.today
0day.today
•added 2017/09/15 12:0 a.m.•140 views

IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass Vulnerabilities

IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 including Cloud version 11.5 suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. title: Multiple Vulnerabilities product: IBM Infosphere Information Server / Datastage...

6.8CVSS6.2AI score0.02718EPSS
Exploits2
Rows per page
Query Builder