Lucene search
+L

2454 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/10 8:15 p.m.4 views

CVE-2025-13213

IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 8:15 p.m.2 views

CVE-2025-13213 Multiple vulnerabilities in IBM Aspera Orchestrator

IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/10 8:15 p.m.31 views

CVE-2025-13213 Multiple vulnerabilities in IBM Aspera Orchestrator

IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...

5.4CVSS0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/10 8:8 p.m.30 views

CVE-2025-13219 Multiple vulnerabilities in IBM Aspera Orchestrator

IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...

5.9CVSS0.00334EPSS
Exploits0References1
CVE
CVE
added 2026/03/10 8:8 p.m.15 views

CVE-2025-13219

CVE-2025-13219 affects IBM Aspera Orchestrator versions 3.0.0–4.1.2. The vulnerability stems from storing sensitive data in URL parameters, potentially exposing confidential information via server logs, referrer headers, or browser history. The Red Hat/IBM advisories and IBM security bulletin con...

7.5CVSS5.8AI score0.00334EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 8:8 p.m.5 views

CVE-2025-13219 Multiple vulnerabilities in IBM Aspera Orchestrator

IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...

5.9CVSS5.8AI score0.00334EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 8:8 p.m.6 views

CVE-2025-13219

IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...

5.9CVSS5.8AI score0.00334EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/10 3:29 p.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator

Summary Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.3 Vulnerability Details CVEID:CVE-2025-13213 DESCRIPTION: IBM Aspera Orchestrator is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to...

7.5CVSS5.8AI score0.00351EPSS
Exploits0Affected Software5
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.15 views

PT-2026-24404

IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

IBM Aspera Orchestrator 安全漏洞

IBM Aspera Orchestrator is a web-based application developed by IBM. It provides efficient file processing pipelines for data-driven businesses. There were security vulnerabilities in the version 3.0.0 to 4.1.2 of IBM Aspera Orchestrator. These vulnerabilities stemmed from the storage of sensitiv...

7.5CVSS5.8AI score0.00334EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.9 views

PT-2026-24405

IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...

5.9CVSS5.8AI score0.00334EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

IBM Aspera Orchestrator 安全漏洞

IBM Aspera Orchestrator is a web-based application developed by IBM. It provides efficient file processing pipelines for data-driven businesses. Versions 3.0.0 to 4.1.2 of IBM Aspera Orchestrator have security vulnerabilities. These vulnerabilities stem from improper input validation of the HOST...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/09 12:0 a.m.5 views

Microsoft Payment Orchestrator Service Access Control Error Vulnerability

Microsoft Payment Orchestrator Service is a Microsoft feature that provides cloud-native payment process automation and orchestration for the financial services industry. An Access Control Error vulnerability exists in Microsoft Payment Orchestrator Service, which stems from improper authenticati...

9.8CVSS5.9AI score0.01171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/07 1:43 a.m.3 views

CVE-2026-26125

Payment Orchestrator Service Elevation of Privilege Vulnerability...

9.8CVSS5.8AI score0.01171EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/06 12:31 a.m.7 views

EUVD-2026-9890

Payment Orchestrator Service Elevation of Privilege Vulnerability...

8.6CVSS5.9AI score0.01171EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 11:16 p.m.4 views

CVE-2026-26125

Payment Orchestrator Service Elevation of Privilege Vulnerability...

9.8CVSS0.01171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 10:18 p.m.0 views

CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability

...

8.6CVSS5.8AI score0.01171EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 10:18 p.m.27 views

CVE-2026-26125

CVE-2026-26125 describes an elevation of privilege vulnerability affecting the Payment Orchestrator Service. The PT-2026-23573 entry confirms a privilege-escalation issue with Payment Orchestrator Service but does not specify affected versions. Multiple sources label this as a Microsoft product i...

9.8CVSS5.9AI score0.01171EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/05 10:18 p.m.5 views

CVE-2026-26125

Payment Orchestrator Service Elevation of Privilege Vulnerability...

8.6CVSS5.9AI score0.01171EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 10:18 p.m.21 views

CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability

...

8.6CVSS0.01171EPSS
Exploits0References1
Rows per page
Query Builder