3124 matches found
CVE-2026-2484 IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2026-2484
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2026-2484 IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...
CVE-2025-36422
The connected IBM advisory clarifies CVE-2025-36422 as a cross-site request forgery (CSRF) vulnerability in IBM InfoSphere DataStage Flow Designer within IBM InfoSphere Information Server. Affected products include InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. Successful explo...
CVE-2025-36422 IBM InfoSphere Information Server is vulnerable to cross-site request forgery
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36258
CVE-2025-36258 affects IBM InfoSphere Information Server; vulnerability arises from plaintext storage of credentials/readable sensitive data by a local user (CWE-256). Affected versions: 11.7.0.0–11.7.1.6. Remediation: upgrade to 11.7.1.0 or 11.7.1.6, or 11.7.1.6 SP2. Workarounds include changing...
CVE-2025-36258 IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2025-36258
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2025-36258 IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user...
CVE-2026-2485
CVE-2026-2485 is confirmed in IBM InfoSphere Information Server as a stored cross-site scripting (XSS) vulnerability. A privileged user can embed arbitrary JavaScript in the Web UI, potentially exposing credentials within a trusted session. Affected products/versions: InfoSphere Information Serve...
CVE-2026-2485 IBM InfoSphere Information Server Cross-Site Scripting
IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2026-2485
IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2025-14974
IBM InfoSphere Information Server is vulnerable to Insecure Direct Object Reference (IDOR) via CVE-2025-14974 (CWE-639). Affected are InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. Remediation: upgrade to 11.7.1.0 or 11.7.1.6, or 11.7.1.6 Service Pack 2. Base score 5.7 (CVSS v3...
CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...
CVE-2025-14974
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...
CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...
CVE-2026-1262
CVE-2026-1262 affects IBM InfoSphere Information Server (versions 11.7.0.0–11.7.1.6). The issue is an information-disclosure vulnerability (CWE-209) caused by generation of sensitive information in error messages. IBM lists affected versions and provides remediation paths: upgrade to 11.7.1.0 or ...
CVE-2026-1262 IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...
CVE-2025-14912 IBM InfoSphere Information Server is vulnerable to server-side request forgery
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...