643 matches found
Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2026) affect IBM InfoSphere Information Server
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2026. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitab...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16130)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for integrating, cleansing and transforming data from disparate sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from insufficient credential protection and...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16131)
IBM InfoSphere Information Server is IBM's data integration platform for integrating, cleansing, transforming and managing enterprise data. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from the system returning overly detailed error messages. An...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16129)
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server. The...
IBM InfoSphere Information Server Encryption Issues Vulnerability
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality management and information integration. A security vulnerability exists in IBM InfoSphere Information Server that stems from the manipulability of JSON server responses. An attacker can exploit...
IBM InfoSphere Information Server Code Issue Vulnerability (CNVD-2026-16137)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for integrating, cleansing, and managing data from disparate sources. A security vulnerability exists in IBM InfoSphere Information Server that stems from the system failing to adequately validate the target of ...
IBM InfoSphere Information Server Server Side Request Forgery Vulnerability
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality management and information integration. IBM InfoSphere Information Server suffers from a server-side request forgery SSRF vulnerability that stems from the system failing to adequately validate...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16742)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality management and ETL processing. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from a query string of an HTTP GET request that could expose sensiti...
IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2026-16879)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality governance, data integration and master data management. A security vulnerability exists in IBM InfoSphere Information Server that stems from improper validation of HOST header input. An attacke...
CVE-2025-14974
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...
CVE-2025-14808
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
CVE-2025-14810
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...
CVE-2026-2484
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2025-36258
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
EUVD-2025-209025
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
EUVD-2026-15980
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...
EUVD-2025-209010
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...
CVE-2026-2485
IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36258
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...