CVE-2025-66484 Multiple vulnerabilities have been addressed in IBM Aspera Shares

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

EUVD-2025-36327

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

EUVD-2025-25524

Malicious code in bioql PyPI...

CVE-2024-20301

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of t...

CVE-2024-37528

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web...

PT-2024-4810 · Ibm · Ibm Security Guardium

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium versions 11.4 through 12.0 Description: The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to exploit it and potentially disclose credentials within a trusted session...

CVE-2023-28517

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Cisco Duo Authentication Bypass Vulnerability

Cisco Duo is a fully managed solution from Cisco, Inc. Provides secure access to your applications and data. An authentication bypass vulnerability exists in Cisco Duo that stems from the inability to disable locally created trusted sessions after an affected device reboots, which can be exploite...

Cisco Duo Authentication for Windows Logon and RDP Authentication Bypass Vulnerability

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of t...

Cisco Duo 安全漏洞

Cisco Duo is a fully managed solution from Cisco, Inc. Provides secure access to your applications and data. An authentication bypass vulnerability exists in Cisco Duo that stems from the inability to disable locally created trusted sessions after an affected device reboots, which can be exploite...

CVE-2023-22860

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the...

IBM Aspera Faspex Cross-Site Scripting Vulnerability

IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines IBM. IBM Aspera Faspex version 4.4.1 contains a cross-site scripting vulnerability, which stems from a cross-site scripting vulnerability that could be exploited by an attacker ...

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-07922)

IBM InfoSphere Information Server is a data integration platform from International Business Machines Corporation IBM. IBM InfoSphere Information Server version 11.7 contains a cross-site scripting vulnerability that allows users to embed arbitrary JavaScript code in the Web UI via cross-site...

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2023-05238)

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...

IBM Sterling B2B Integrator Standard Edition Cross-Site Scripting Vulnerability (CNVD-2023-05243)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates essential B2B processes, transactions and relationships. A cross-site scripting vulnerability exists in IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.1.2.1. An attacker could exploit the...

IBM Security Verify Governance Identity Manager Cross-Site Scripting Vulnerability

IBM Security Verify Governance Identity Manager is an IBM network appliance-based integration that focuses on business-centric rules, activities, and processes. version 10.0.1 of IBM Security Verify Governance Identity Manager is vulnerable to A cross-site scripting vulnerability exists. An...

IBM DataPower Gateway 跨站脚本漏洞

IBM DataPower Gateway is a suite of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates and optimizes access across...

CVE-2021-39015

IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

IBM Robotic Process Automation跨站脚本漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM, Inc. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation versions 21.0.1 and 21.0.2 contain a cross-site scripting vulnerability th...

IBM Maximo Asset Management 跨站脚本漏洞

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution enables the management of all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control over those assets.IBM Maximo...