Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3030

Malware in sbrugna...

3.5CVSS6.4AI score0.00649EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-10518

Malware in sbrugna...

6.5CVSS6.6AI score0.01117EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-3085

Malware in sbrugna...

6.3CVSS6.4AI score0.01114EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 12:57 p.m.27 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server vulnerability to HTTP header injection when processing web requests. This has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9...

5.4CVSS5.6AI score0.00458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:9 p.m.19 views

Security Bulletin: Session Fixation Vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2013-5426)

Abstract An unspecified vulnerability in IBM InfoSphere Master Data Management – Collaborative Edition might allow an attacker to gain unauthorized access to a user's session. An attacker with access to a user's open browser before the user authenticates with the IBM InfoSphere Master Data...

4.9CVSS6AI score0.00495EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.20 views

Security Bulletin: 3RD PARTY IBM InfoSphere MDM Inspector - Cross Site Request Forgery

Summary In the MDM Inspector web application, CSRF protection is implemented by validating that the referer header is set to a allowlisted domain. It is possible to include the allowlisted domain as a subdomain of an attacker-controlled domain to bypass this validation, allowing for a CSRF attack...

4.3CVSS0.4AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.18 views

Security Bulletin: IBM InfoSphere Master Data Management Server is vulnerable to HTTP Parameter Override discovered in MDM User Interface (CVE-2016-9717)

Summary IBM InfoSphere Master Data Management is vulnerable to a HTTP Parameter Override which may produce an anomalous behavior in the application that can be potentially exploited . Vulnerability Details CVEID: CVE-2016-9717 DESCRIPTION: HTTP Parameter Override is identified in IBM Infosphere...

4CVSS0.8AI score0.01117EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.40 views

Security Bulletin: IBM InfoSphere Master Data Management is vulnerable to multiple OpenSSL vulnerabilities (CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732)

Summary IBM InfoSphere Master Data Management is vulnerable to multiple OpenSSL vulnerabilities that could cause the application to crash, an attacker to obtain information about the private key, or cause a denial of service. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is...

5CVSS1AI score0.57595EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.20 views

Security Bulletin: IBM InfoSphere MDM Reference Data Management affected by Cross Site Scripting vulnerabilities(CVE-2015-1910)

Summary IBM InfoSphere MDM Reference Data Management is vulnerable to Cross Site Scripting attack caused by improper validation of user-supplied input. Vulnerability Details CVEID: CVE-2015-1910 DESCRIPTION: IBM InfoSphere Master Data Management Server is vulnerable to cross-site scripting, cause...

3.5CVSS6.1AI score0.00783EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.11 views

Security Bulletin: Cross-Site Request Forgery vulnerability in IBM InfoSphere Master Data Management Server (CVE-2014-0873)

Summary The IBM InfoSphere Master Data Management Server User Interfaces are vulnerable to Cross-Site Request Forgery attacks. Vulnerability Details CVE ID: CVE-2014-0873 DESCRIPTION: Due to insufficient safeguards against cross-site request forgery in the IBM InfoSphere Master Data Management...

6.8CVSS5.9AI score0.0057EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.49 views

Security Bulletin: Denial of service vulnerability in OpenSSL affects IBM InfoSphere Master Data Management (CVE-2016-8610)

Summary IBM Initiate Master Data Service and IBM InfoSphere Master Data Management are vulnerable to a OpenSSL denial of service attack and could cause the application to stop responding. Vulnerability Details CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service...

5CVSS0.9AI score0.39657EPSS
Exploits1Affected Software1
Prion
Prion
added 2017/07/31 9:29 p.m.9 views

Cross site request forgery (csrf)

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119729...

6.8CVSS6.8AI score0.00668EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/01/17 5:59 a.m.18 views

Code injection

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...

3.5CVSS6.5AI score0.00602EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/05/25 12:59 a.m.21 views

CVE-2015-1909

The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management MDM 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote attackers to read arbitrary files, and consequently obtain administrative access, via an external entity...

5CVSS6.6AI score0.01302EPSS
Exploits0References1
Prion
Prion
added 2015/05/25 12:59 a.m.15 views

Xxe

The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management MDM 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote attackers to read arbitrary files, and consequently obtain administrative access, via an external entity...

5CVSS7.1AI score0.01302EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/05/25 12:0 a.m.49 views

CVE-2015-1910

CVE-2015-1910 is an XSS vulnerability in IBM InfoSphere MDM Reference Data Management. The flaw affects IBM InfoSphere MDM Reference Data Management on the server side in versions 10.1 (before IF1), 11.0 (before FP3), and 11.3, allowing remote authenticated users to inject arbitrary script via a ...

3.5CVSS5.2AI score0.00783EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/04/16 12:0 a.m.5 views

Unspecified Cross-Site Scripting Vulnerability in IBM InfoSphere MDM Reference Data Management

IBM InfoSphere MDM Reference Data Management provides a range of capabilities essential for seamlessly managing reference data in the information world across different business domains, including comprehensive authoring and lifecycle management capabilities, a version control model, role-based...

3.5CVSS6AI score0.00783EPSS
Exploits0References1
NVD
NVD
added 2014/12/22 4:59 p.m.25 views

CVE-2014-8899

Cross-site scripting XSS vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1...

3.5CVSS5AI score0.00759EPSS
Exploits0References2
NVD
NVD
added 2014/08/17 11:55 p.m.18 views

CVE-2014-0966

SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to...

6.5CVSS7.7AI score0.0104EPSS
Exploits0References5
Prion
Prion
added 2014/08/01 5:12 a.m.16 views

Design/Logic Flaw

The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct...

3.5CVSS6.4AI score0.00649EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder