EUVD-2016-0285

Malware in sbrugna...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Framework (CVE-2024-38808)

Summary A vulnerability in VMware Tanzu Spring Framework that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-38808 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a...

Security Bulletin: IBM Information Governance Catalog is vulnerable to unrestricted file upload (CVE-2024-40705)

Summary An unrestricted file upload vulnerability in Information Governance Catalog was addressed. Vulnerability Details CVEID:CVE-2024-40705 DESCRIPTION: IBM Information Governance Catalog could allow an authenticated user to consume file space resources due to unrestricted file uploads. CVSS Ba...

Security Bulletin: IBM InfoSphere Information Governance Dashboard is affected by an Information Disclosure vulnerability

Summary An Information Disclosure vulnerability was addressed by IBM InfoSphere Information Governance Dashboard. Vulnerability Details CVEID: CVE-2019-4453 DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive information to an unauthorized user that could be used in further...

Security Bulletin: IBM InfoSphere Information Governance Catalog is affected by a privilege escalation vulnerability

Summary A privilege escalation vulnerability was addressed in InfoSphere Information Governance Catalog. Vulnerability Details CVEID: CVE-2019-4607 DESCRIPTION: IBM InfoSphere Information Governance Catalog could allow an authorized user to access details of both governance and information assets...

IBM InfoSphere Information Governance Dashboard and InfoSphere Information Server on Cloud Information Disclosure Vulnerability

IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Server are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a set of cloud-based data consolidation IBM InfoSphere Information Server is a data integration platform. IBM InfoSphere...

Security Bulletin: IBM InfoSphere Information Analyzer and Information Governance Catalog is affected by an Information Disclosure vulnerability

Summary An Information Disclosure vulnerability was addressed by IBM InfoSphere Information Analyzer and Information Governance Catalog. Vulnerability Details CVEID: CVE-2019-4257 DESCRIPTION: IBM InfoSphere Information Analyzer is affected by an information disclosure vulnerability. Sensitive...

CVE-2018-1875

IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...

Open redirect

IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...

CVE-2018-1875

CVE-2018-1875 affects IBM InfoSphere Information Governance Catalog (IGC) versions 11.3, 11.5, and 11.7, and IBM InfoSphere Information Server on Cloud (11.5 and 11.7). The vulnerability is an open redirect that could let a remote attacker lure a user to a crafted site to spoof the displayed URL ...

CVE-2018-1875

IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...

IBM InfoSphere Information Governance Catalog and InfoSphere Information Server on Cloud Open Redirect Vulnerability

IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Governance Catalog IGC, InfoSphere Business Information Exchange are both products of IBM Corporation. IBM InfoSphere Information Server on Cloud is a cloud-based data integration platform. IBM InfoSphere Information...

Security Bulletin: Multiple IBM InfoSphere Information Server components are vulnerable due to the following Castor Library vulnerability (CVE-2014-3004)

Summary Castor Library could allow a remote attacker to obtain sensitive information in various IBM Information Server components. This is caused by an XML External Entity Injection XXE error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this...

Security Bulletin: IBM InfoSphere Information Governance Catalog is vulnerable to XXE Injection Attack (CVE-2016-0250)

Summary IBM InfoSphere Information Governance Catalog could allow a remote authenticated attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on th...

Security Bulletin: A vulnerability in XStream affects IBM InfoSphere Information Governance components

Summary A vulnerability in XStream was addressed by IBM InfoSphere Information Governance Catalog, IBM InfoSphere Information Server Business Glossary, and IBM InfoSphere Information Server Business Glossary Client for Eclipse. Vulnerability Details CVEID: CVE-2017-7957 DESCRIPTION: XStream is...

Security Bulletin: Vulnerability in Apache Commons affects IBM InfoSphere Information Server (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM InfoSphere Information Server. Information about this security vulnerability has been published in a WebSphere Application Server security bulletin. Vulnerability Details CVEID:...

IBM InfoSphere Information Governance Catalog Detection

Binary data ibmigcremotedetect.nbin...

Ahead of GDPR, Information Governance Comes into Its Own

LAS VEGAS – In sharp contrast to a year ago, a full 98 percent of US enterprises in a survey from the Information Governance Institute have embarked on information governance IG projects. That’s dramatically up to say the least: Just 10 percent last year had projects in place. Why the staggering...

GDPR Is Here: Achieve Superior Data Breach Prevention and Detection with Qualys

Turned into law in 2016, the EU’s General Data Protection Regulation GDPR finally goes into effect this week, slapping strict requirements on millions of businesses and subjecting violators to severe penalties. The complex regulation applies to any organization worldwide -- not just in Europe --...

CVE-2016-0250

XML external entity XXE vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510...