3131 matches found

ATTACKERKB
added 2026/03/25 8:22 p.m., 3 views

CVE-2026-2485

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a...

CVSS: 4.8, AI score: 5.5, EPSS: 0.00187
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2026/03/25 8:20 p.m., 4 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS: 5.7, AI score: 5.9, EPSS: 0.00327
Exploits: 0, References: 1

Cvelist
added 2026/03/25 8:20 p.m., 23 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS: 5.7, EPSS: 0.00327
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/25 8:20 p.m., 9 views

CVE-2025-14974

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS: 5.7, AI score: 5.8, EPSS: 0.00327
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2026/03/25 8:20 p.m., 12 views

CVE-2025-14974

CVE-2025-14974 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6 and is caused by insecure direct object reference (IDOR). Potential impact: unauthorized access to protected objects with high confidentiality impact as per sources. Affected versions and remediation are documented in IBM’...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00327
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2026/03/25 8:19 p.m., 20 views

CVE-2026-1262 IBM InfoSphere Information Server Information Disclosure

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

CVSS: 4.3, EPSS: 0.00242
Exploits: 0, References: 1

CVE
added 2026/03/25 8:19 p.m., 13 views

CVE-2026-1262

IBM InfoSphere Information Server versions 11.7.0.0–11.7.1.6 are affected by an information disclosure vulnerability (CVE-2026-1262). The IBM bulletin attributes the issue to CWE-209 (generation of error messages containing sensitive information) and lists a CVSS v3.1 base score of 4.3 (AV:N/AC:L...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00242
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2026/03/25 8:13 p.m., 1 view

CVE-2025-14912 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

CVSS: 5.4, AI score: 5.8, EPSS: 0.0022
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/25 8:13 p.m., 3 views

CVE-2025-14912

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

CVSS: 5.4, AI score: 5.8, EPSS: 0.0022
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2026/03/25 8:13 p.m., 22 views

CVE-2025-14912 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

CVSS: 5.4, EPSS: 0.0022
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/25 8:11 p.m., 2 views

CVE-2025-14810

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00242
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2026/03/25 8:11 p.m., 10 views

CVE-2025-14810

The CVE-2025-14810 issue affects IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. The root cause is that the product does not invalidate a user session after privileges are modified, which could allow an authenticated user to retain access to sensitive information. Multiple c...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00242
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2026/03/25 8:11 p.m., 21 views

CVE-2025-14810 IBM InfoSphere Information Server is vulnerable due to insufficient session expiration

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

CVSS: 6.3, EPSS: 0.00242
Exploits: 0, References: 1

Cvelist
added 2026/03/25 8:09 p.m., 22 views

CVE-2025-14808 IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

CVSS: 3.1, EPSS: 0.00225
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/25 8:09 p.m., 3 views

CVE-2025-14808

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

CVSS: 3.1, AI score: 5.8, EPSS: 0.00225
Exploits: 0, References: 2, Affected Software: 1

ATTACKERKB
added 2026/03/25 8:06 p.m., 2 views

CVE-2025-14790

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00204
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2026/03/25 8:06 p.m., 2 views

CVE-2025-14790 IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00204
Exploits: 0, References: 1

Cvelist
added 2026/03/25 8:06 p.m., 22 views

CVE-2025-14790 IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...

CVSS: 6.5, EPSS: 0.00204
Exploits: 0, References: 1

CVE
added 2026/03/25 8:06 p.m., 9 views

CVE-2025-14790

CVE-2025-14790 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6, with information disclosure caused by insufficiently protected credentials. The CVSS v3.1 base score is 6.5 (Network attack, low attack complexity, user interaction none, privileges required low). Connected sources corrob...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00204
Exploits: 0, References: 1, Affected Software: 1

IBM Security Bulletins
added 2026/03/25 5:41 p.m., 6 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to HTTP header injection (CVE-2025-14807)

Summary: An HTTP header injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2025-14807. DESCRIPTION: IBM InfoSphere Information Server is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This coul...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00221
Exploits: 0, Affected Software: 1