CVE-2010-0557

IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials...

EUVD-2013-5283

Malware in sbrugna...

EUVD-2013-5284

Malware in sbrugna...

EUVD-2013-5285

Malware in sbrugna...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2015 - Includes Oracle Oct 2015 CPU + CVE-2015-5006; IBM SDK, Java Technology Edition Quarterly CPU - Jan 2016 - Includes Oracle Jan 2016 CPU + 3 IBM CVEs; IBM SDK, Java Technology Edition Quarterly...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM Cognos Express. This issue was disclosed as part of the IBM Java SDK updates in July 2016. OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Cogn...

Security Bulletin: Multiple vulnerabilities in IBM Cognos Express (CVE-2013-5443, CVE-2013-5445, CVE-2013-5444, CVE-2013-2407, CVE-2013-2450, CVE-2013-0169, CVE-2013-1478, CVE-2013-1480)

Summary A number of security vulnerabilities in IBM Cognos Express have been identified and addressed in a software update. Vulnerability Details CVE ID: CVE-2013-5443 DESCRIPTION: A Cross Site Request Forgery CSRF vulnerability in IBM Cognos Express allows an attacker that is able to trick an...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Express (CVE-2014-4244, CVE-2014-4263)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Cognos Express. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability related to the...

Security Bulletin: The Java version bundled with IBM Cognos Express is susceptible to unspecified vulnerabilities in the Java Runtime Environment (JRE) (CVE-2012-0498 and CVE-2012-5081)

Summary The version of Java included with IBM Cognos Express has a reported vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D CVE-2012-0498 and allows remote attackers to affect availability CVE-2012-5081...

Security Bulletin: IBM Cognos Express is affected by vulnerabilities in Installshield and InstallAnywhere

Summary IBM Cognos Express is affected by these vulnerabilities. InstallShield and InstallAnywhere generate installation executables which are vulnerable to DLL-planting vulnerability. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to ga...

Security Bulletin: Multiple security exposures in IBM Cognos Express (CVE-2013-5802, CVE-2013-5825)

Summary IBM Cognos Express is affected by multiple security exposures. Vulnerability Details CVE ID : CVE-2013-5802 DESCRIPTION : If an attacker is able to upload malformed or extremely large streams of XML data to the IBM Cognos BI Server, they may be able to cause the application to crash,...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.

Summary There are multiple vulnerabilities in Open Source Apache Tomcat that is used by IBM Cognos Express. Additionally, there are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Cognos Express. This bulletin also addresses LOGJAM: The...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Planning Analytics Express and IBM Cognos Express.

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM Planning Analytics Express and IBM Cognos Express. These issues were disclosed as part of the IBM Java SDK updates in Oct 2016 and Jan 2017. OpenSSL vulnerabilities were disclosed ...

Security vulnerabilities have been identified in products shipped with IBM Planning Analytics Express and IBM Cognos Express

Summary IBM Planning Analytics and IBM Cognos Analytics are shipped with IBM Planning Analytics Express. Information about security vulnerabilities affecting IBM Planning Analytics and IBM Cognos Analytics has been published in security bulletins. IBM Cognos Business Intelligence and IBM Cognos T...

CVE-2013-5445

IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key...

CVE-2013-5443

Cross-site request forgery CSRF vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary users...

CVE-2013-5444

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors...

Code injection

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors...

Code injection

IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary users...