27 matches found
PT-2026-28114
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
EUVD-2015-2005
Malware in sbrugna...
EUVD-2016-9825
Malware in sbrugna...
EUVD-2023-27572
Malicious code in bioql PyPI...
EUVD-2022-44020
Malicious code in bioql PyPI...
CVE-2025-36034
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...
Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable due to cleartext transmission of sensitive information (CVE-2025-36034)
Summary A disclosure of sensitive information vulnerability in InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2025-36034 DESCRIPTION: IBM InfoSphere DataStage Flow Designer discloses sensitive user information in API requests in clear text that could be...
CVE-2025-36034
CVE-2025-36034 affects IBM InfoSphere DataStage Flow Designer within IBM InfoSphere Information Server 11.7. The issue causes cleartext transmission of sensitive user information in API requests, enabling potential disclosure via man-in-the-middle. The IBM security bulletin cites CWE-319 and list...
Security Bulletin: IBM InfoSphere DataStage is vulnerable due to cleartext storage of sensitive information (CVE-2025-1499)
Summary A vulnerability due to cleartext storage of sensitive information in IBM InfoSphere DataStage was addressed. Vulnerability Details CVEID:CVE-2025-1499 DESCRIPTION: IBM InfoSphere DataStage stores credential information for database authentication in a cleartext parameter file that could b...
Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable due to cleartext transmission of sensitive information (CVE-2025-25046)
Summary A sensitive information disclosure vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2025-25046 DESCRIPTION: IBM InfoSphere DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an...
Security Bulletin: IBM InfoSphere DataStage Flow Designer is affected by a path traversal vulnerability (CVE-2024-52363)
Summary A path traversal vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2024-52363 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted...
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer Unspecified Vulnerability (CNVD-2025-05561)
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...
Security Bulletin: IBM InfoSphere DataStage Flow Designer is affected by an information disclosure vulnerability (CVE-2023-23472)
Summary An information disclosure vulnerability in InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2023-23472 DESCRIPTION: IBM InfoSphere DataStage Flow Designer could allow an authenticated user to obtain sensitive information that could aid in further attacks...
Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable to Server-Side Request Forgery
Summary A Server-Side Request Forgery vulnerability in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2021-29738 DESCRIPTION: IBM InfoSphere Data Flow Designer is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to sen...
IBM InfoSphere DataStage Flow Designer Trust Management Issue Vulnerability
Ibm InfoSphere DataStage Flow Designer is a Web-based data stage flow designer from Ibm, Inc. A security vulnerability exists in Ibm InfoSphere DataStage Flow Designer that stems from an error in the validation of REST API server credentials by the IBM InfoSphere DataStage Flow Designer engine...
Security Bulletin: IBM InfoSphere DataStage is affected by an Information disclosure vulnerability
Summary An Information disclosure vulnerability in IBM InfoSphere DataStage was addressed. Vulnerability Details CVEID: CVE-2021-29747 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication...
Security Bulletin: Multiple vulnerabilities in Jackson-databind affect IBM InfoSphere Information Server
Summary Multiple vulnerabilities in Jackson-databind were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-5968 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By...
Security Bulletin: Multiple vulnerabilities in Open Source Apache WSS4J affect IBM InfoSphere DataStage Web services pack (CVE-2015-0226 CVE-2015-0227)
Summary There are multiple vulnerabilities in Open Source Apache WSS4J that is used by IBM InfoSphere DataStage Web services pack. Vulnerability Details CVE-ID: CVE-2015-0226 DESCRIPTION : Apache WSS4J could allow a remote attacker to obtain sensitive information, caused by Bleichenbacher's attac...
Security Bulletin: IBM InfoSphere DataStage is vulnerable to Cross-Frame Scripting issue (CVE-2016-9000)
Summary IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. Vulnerability Details CVEID: CVE-2016-9000 DESCRIPTION: IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote...
IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass Vulnerabilities
IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 including Cloud version 11.5 suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. title: Multiple Vulnerabilities product: IBM Infosphere Information Server / Datastage...