Lucene search
+L

288 matches found

Cvelist
Cvelist
added 2025/01/27 1:45 a.m.30 views

CVE-2023-46187 IBM InfoSphere Master Data Management cross-site scripting

IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.6 views

IBM InfoSphere Master Data Management 跨站脚本漏洞

IBM InfoSphere Master Data Management is a product information management software from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM InfoSphere Master Data Management versions 11.6, 12.0, and 14.0 that originates from stored cross-site scripting and coul...

5.4CVSS5.5AI score0.00268EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/19 2:5 p.m.31 views

Security Bulletin: IBM Master Data Management is vulnerable to prototype pollution from vulnerability found in Dojo (CVE-2021-23450)

Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to prototype pollution from vulnerability found in Dojo. Dojo could allow a remote attacker to cause a denial of service, caused by a prototype pollution in the setObject function. By sending a specially-crafted request, an...

9.8CVSS6.8AI score0.30367EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 2:19 p.m.18 views

Security Bulletin: IBM Master Data Management vulnerable to denial of service in IBM Business Automation Workflow using Logback

Summary IBM Master Data Management version 14.0 is impacted by vulnerability in IBM Business Automation Workflow. QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component. By sending a specially crafted data, a local attacker could...

7.5CVSS6.2AI score0.00682EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 2:15 p.m.13 views

Security Bulletin: IBM Master Data Management vulnerable to a denial of Service vulnerability from jose4j in IBM Business Automation Workflow

Summary IBM Master Data Management v14.0 is vulnerable to a denial of Service vulnerability from jose4j in IBM Business Automation Workflow. jose4j is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted p2c value, a remote attacker could exploit...

6.5CVSS6.7AI score0.00879EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 2:12 p.m.15 views

Security Bulletin: IBM Master Data Management Server vulnerable to a denial of service from IBM Business Workflow Automation Event Emitters using snappy

Summary IBM Master Data Management version 14.0 is vulnerable to a denial of service from a package of snappy being used in IBM Business Workflow Automation Event Emitters. snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk length. By sending a speciall...

7.5CVSS6.6AI score0.0104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 6:47 p.m.18 views

Security Bulletin: IBM Master Data Management has identfied a cross-site scripting vulnerability affecting Inspector application and supporting API's (CVE-2023-46187)

Summary InfoSphere Master Data Management v11.6, v12.0, and v14.0 were found to be vulnerable to cross-site scripting in Inspector application. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4CVSS5.7AI score0.00268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/11 10:21 p.m.23 views

Security Bulletin: IBM Master Data Management vulnerable to information disclosure due to IBM WebSphere Application Server

Summary IBM Master Data Management version 11.6, 12.0, and 14.0 are impacted by vulnerability in IBM WebSphere Application Server that can lead to information disclosure. IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. A...

5.9CVSS5.8AI score0.00268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/29 4:33 p.m.26 views

Security Bulletin: IBM Master Data Management is vulnerable to denial of service through OpenSSL by a specially crafted request (CVE-2023-2650)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to denial of service through OpenSSL by a specially crafted request from no message size limit. OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly, or use any of the OpenSSL subsystems...

6.5CVSS6.9AI score0.75116EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/28 4:51 p.m.31 views

Security Bulletin: IBM Master Data Management vulnerable to remote attack and denial of service from vulnerabilites in OpenSSL (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to remote attack and denial of service from vulnerabilites found in OpenSSL. OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By...

7.5CVSS7.5AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/28 4:46 p.m.14 views

Security Bulletin: IBM Master Data Management vulnerable to denial of service from Apache Commons FileUpload (CVE-2023-24998)

Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to a denial of service caused by not limiting the number of requests processed in the file upload function in Apache Commons FileUpload. Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by...

7.5CVSS6.8AI score0.46836EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/26 11:28 p.m.33 views

Security Bulletin: IBM Master Data Management vulnerable to a denial of service from OpenSSL generate key function (CVE-2023-5678)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from OpenSSL and an exploit found in using the DHgeneratekey function. Openssl is vulnerable to a denial of service, caused by a flaw when using DHgeneratekey function to generate an X9.42 DH key. By sending...

5.3CVSS6.8AI score0.04459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 10:6 p.m.20 views

Security Bulletin: IBM Master Data Management is vulnerable to denial of service from a vulnerability found in OpenSSL (CVE-2022-0778)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a vulnerability found in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing certificates. By using a specially-crafted certificate with invali...

7.5CVSS7.1AI score0.70561EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 10:3 p.m.18 views

Security Bulletin: IBM Master Data Management has vulnerabilites from use of vulnerable Dojo 1.3.2 in WebReports (CVE-2010-2276, CVE-2018-15494, CVE-2010-2274, CVE-2010-2275, CVE-2010-2273, CVE-2018-1000665)

Summary IBM Master Data Management v11.6, v,12.0, and v14.0 are vulnerable to exploits and vulnerabilites found in Dojo 1.3.2. Dojo has an unspecified vulnerability in the default configuration of the build process and is vulnerable to cross-site scripting, caused by improper validation of...

10CVSS6.8AI score0.04545EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 9:6 p.m.41 views

Security Bulletin: IBM Master Data Management is vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL (CVE-2023-3446)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...

5.3CVSS6.8AI score0.05533EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 8:59 p.m.53 views

Security Bulletin: IBM Master Data Management is vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL (CVE-2023-3817)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...

5.3CVSS6.8AI score0.02577EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 8:48 p.m.33 views

Security Bulletin: IBM Master Data Management vulnerable to remote attacker due to flaws found in OpenSSL (CVE-2023-0466, CVE-2023-0465)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to remote attackers due to flaws found in OpenSSL. OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the X509VERIFYPARAMadd0policy function. By using invalid certificate policies, an attack...

5.3CVSS6.8AI score0.01625EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 8:40 p.m.36 views

Security Bulletin: IBM Master Data Management is vulnerable to specially crafted certificate chains in OpenSSL leading to a denial of service (CVE-2023-0464)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to denial of service from specially crafted certificate chains in OpenSSL leading to a denial of service. OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains tha...

7.5CVSS6.8AI score0.03658EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 2:45 p.m.27 views

Security Bulletin: IBM Master Data Management may provide weaker than expected security due to OpenSSL through a carry propogation flaw (CVE-2021-4160)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a carry propogation flaw found in OpenSSL. OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64 squaring procedure. An attacker could exploit this vulnerability to...

5.9CVSS6.2AI score0.03803EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.16 views

PT-2025-1504 · Ibm · Ibm Infosphere Master Data Management

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Master Data Management versions 11.6, 12.0, and 14.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure...

5.5CVSS6.1AI score0.00268EPSS
Exploits0References7
Rows per page
Query Builder