2454 matches found
CVE-2025-13213
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...
CVE-2025-13213 Multiple vulnerabilities in IBM Aspera Orchestrator
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...
CVE-2025-13213 Multiple vulnerabilities in IBM Aspera Orchestrator
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...
CVE-2025-13219 Multiple vulnerabilities in IBM Aspera Orchestrator
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...
CVE-2025-13219
CVE-2025-13219 affects IBM Aspera Orchestrator versions 3.0.0–4.1.2. The vulnerability stems from storing sensitive data in URL parameters, potentially exposing confidential information via server logs, referrer headers, or browser history. The Red Hat/IBM advisories and IBM security bulletin con...
CVE-2025-13219 Multiple vulnerabilities in IBM Aspera Orchestrator
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...
CVE-2025-13219
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...
Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator
Summary Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.3 Vulnerability Details CVEID:CVE-2025-13213 DESCRIPTION: IBM Aspera Orchestrator is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to...
PT-2026-24404
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacki...
IBM Aspera Orchestrator 安全漏洞
IBM Aspera Orchestrator is a web-based application developed by IBM. It provides efficient file processing pipelines for data-driven businesses. There were security vulnerabilities in the version 3.0.0 to 4.1.2 of IBM Aspera Orchestrator. These vulnerabilities stemmed from the storage of sensitiv...
PT-2026-24405
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history...
IBM Aspera Orchestrator 安全漏洞
IBM Aspera Orchestrator is a web-based application developed by IBM. It provides efficient file processing pipelines for data-driven businesses. Versions 3.0.0 to 4.1.2 of IBM Aspera Orchestrator have security vulnerabilities. These vulnerabilities stem from improper input validation of the HOST...
Microsoft Payment Orchestrator Service Access Control Error Vulnerability
Microsoft Payment Orchestrator Service is a Microsoft feature that provides cloud-native payment process automation and orchestration for the financial services industry. An Access Control Error vulnerability exists in Microsoft Payment Orchestrator Service, which stems from improper authenticati...
CVE-2026-26125
Payment Orchestrator Service Elevation of Privilege Vulnerability...
EUVD-2026-9890
Payment Orchestrator Service Elevation of Privilege Vulnerability...
CVE-2026-26125
Payment Orchestrator Service Elevation of Privilege Vulnerability...
CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability
...
CVE-2026-26125
CVE-2026-26125 describes an elevation of privilege vulnerability affecting the Payment Orchestrator Service. The PT-2026-23573 entry confirms a privilege-escalation issue with Payment Orchestrator Service but does not specify affected versions. Multiple sources label this as a Microsoft product i...
CVE-2026-26125
Payment Orchestrator Service Elevation of Privilege Vulnerability...
CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability
...