Lucene search
K

3131 matches found

EUVD
EUVD
added 2026/03/25 9:30 p.m.5 views

EUVD-2025-209016

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

3.1CVSS5.8AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/25 9:30 p.m.5 views

EUVD-2025-209014

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.5CVSS5.6AI score0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 9:16 p.m.6 views

CVE-2026-2485

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

4.8CVSS0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.5 views

CVE-2026-2483

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00208EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.9 views

CVE-2026-1015

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS0.00207EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.10 views

CVE-2026-1014

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...

6.5CVSS0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.3 views

CVE-2026-1262

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

4.3CVSS0.00242EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.3 views

CVE-2025-36422

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS0.00139EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.5 views

CVE-2025-14912

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.3 views

CVE-2025-14974

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...

7.5CVSS0.00327EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.5 views

CVE-2025-36258

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...

7.1CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.6 views

CVE-2025-14807

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.5CVSS0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.4 views

CVE-2025-14810

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

6.5CVSS0.00242EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 9:16 p.m.4 views

CVE-2025-14808

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

3.1CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 8:46 p.m.15 views

CVE-2025-14807

IBM InfoSphere Information Server is affected by CVE-2025-14807 due to HTTP header injection from improper HOST header validation. Affected versions are InfoSphere Information Server 11.7.0.0 through 11.7.1.6. IBM lists remediation to upgrade to 11.7.1.0 or 11.7.1.6, including 11.7.1.6 Service Pa...

6.5CVSS5.6AI score0.00221EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:46 p.m.3 views

CVE-2025-14807

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.5CVSS5.6AI score0.00221EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 8:46 p.m.1 views

CVE-2025-14807 IBM InfoSphere Information Server is vulnerable to HTTP header injection

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:41 p.m.2 views

CVE-2026-1015

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS5.8AI score0.00207EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 8:41 p.m.1 views

CVE-2026-1015 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS5.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 8:41 p.m.26 views

CVE-2026-1015 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS0.00207EPSS
Exploits0References1
Rows per page
Query Builder