CVE-2025-36100

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server is vulnerable to server-side request forgery (CVE-2025-27907)

Summary The security issue described in CVE-2025-27907 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM TRIRIGA Application Platform discloses server-side request forgery (CVE-2020-11988)

Summary CV-2020-11988 Apache XML Graphis Commons is vulerable to server-side request forgery. Vulnerability Details CVEID: CVE-2020-11988 DESCRIPTION: Apache XML Graphics Commons is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

CVE-2017-1292

IBM Maximo Asset Management 7.5 and 7.6 generates error messages that could reveal sensitive information that could be used in further attacks against the system. IBM X-Force ID: 125153...