Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in OpenSSL

Summary Multiple vulnerabilities in OpenSSL that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2026-22796 DESCRIPTION: Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union...

CVE-2025-36422 IBM InfoSphere Information Server is vulnerable to cross-site request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVE-2026-1262 IBM InfoSphere Information Server Information Disclosure

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

EUVD-2012-0732

Malware in sbrugna...

EUVD-2016-0315

Malware in sbrugna...

Security Bulletin: IBM Information Server is affected by an Information Disclosure vulnerability (CVE-2025-1138)

Summary An Information Disclosure vulnerability in IBM Information Server was addressed. Vulnerability Details CVEID:CVE-2025-1138 DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive information to an authenticated user that could aid in further attacks against the system...

CVE-2025-1138

CVE-2025-1138 affects IBM InfoSphere Information Server 11.7. An Information Disclosure vulnerability allows an authenticated user to obtain sensitive information via a directory listing, enabling potential follow-on attacks. The issue is addressed in IBM’s Security Bulletin for CVE-2025-1138, wh...

CVE-2024-51459

IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions...

PT-2024-4816 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted sessio...

IBM InfoSphere Information Server 安全漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A CSV injection vulnerability exists in IBM InfoSphere Information Server version 11.7, which...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to privilege escalation

Summary A privilege escalation vulnerability was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2017-1350 DESCRIPTION: IBM InfoSphere Information Server could allow a user to escalate their privileges to administrator due to improper access controls. CVSS Base...

Security Bulletin: IBM Information Server on Cloud is affected by the vulnerabilities known as Spectre and Meltdown.

Summary IBM Information Server on Cloud is affected by the vulnerabilities known as Spectre and Meltdown, which can enable CPU data cache timing to be abused to bypass conventional memory security restrictions to gain access to privileged memory that should be inaccessible. Vulnerability Details...

IBM Information Server Framework and InfoSphere Information Server on Cloud Cross-Site Scripting Vulnerability

IBM Information Server Framework and InfoSphere Information Server on Cloud are both products of the U.S. company IBM. The former is a set of data integration platform framework; the latter is a set of cloud-based data integration platform. A cross-site scripting vulnerability exists in IBM...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server...

CVE-2016-0280

CVE-2016-0280 is an XSS vulnerability affecting IBM InfoSphere Information Server Framework, Information Governance Catalog, and Business Glossary across multiple versions (ISF 8.5, IGC 11.3/11.5, BI Glossary 8.7/9.1, Framework 8.7/9.1/11.3/11.5). The root cause is improper validation of user-sup...