3131 matches found
CVE-2026-1015
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2026-1014 IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...
CVE-2026-1014
CVE-2026-1014 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6, where sensitive information can be exposed through manipulation of JSON server responses. The underlying issue is the manipulability of JSON server responses, enabling disclosure of sensitive data (CVSS v3.1 base score 6.5...
CVE-2026-1014
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...
CVE-2026-1014 IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...
CVE-2026-2483
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-2483 IBM InfoSphere Information Server Cross-Site Scripting
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-2483
IBM InfoSphere Information Server versions 11.7.0.0–11.7.1.6 are vulnerable to a cross-site scripting flaw in the Web UI (CVE-2026-2483), potentially allowing an attacker to inject arbitrary JavaScript and disclose credentials in a trusted session. Root cause is improper handling of input in the ...
CVE-2026-2484 IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2026-2484
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2026-2484 IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422 IBM InfoSphere Information Server is vulnerable to cross-site request forgery
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422
IBM InfoSphere Information Server (11.7.0.0–11.7.1.6), specifically DataStage Flow Designer, is affected by CVE-2025-36422: Cross-Site Request Forgery that could allow an attacker to perform malicious actions via a trusted user session. The vulnerability has a CVSS v3.1 base score of 4.3 (Medium)...
CVE-2025-36258 IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2025-36258
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2025-36258 IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2025-36258
CVE-2025-36258 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6. The root cause is plaintext storage of user credentials and other sensitive information, allowing a local user to read them. IBM’s security bulletin notes a CVSSv3.1 base score of 7.1 (vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/...
CVE-2026-2485
IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2026-2485 IBM InfoSphere Information Server Cross-Site Scripting
IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...