17 matches found
EUVD-2013-3987
Malware in sbrugna...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to SQL injection (CVE-2024-40689)
Summary A SQL injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-40689 DESCRIPTION: IBM InfoSphere Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to...
Security Bulletin: Lack of path restriction may allow access to sensitive data stored on Information Server Engine (CVE-2012-4818)
Abstract Security Bulletin: Lack of path restriction may allow access to sensitive data stored on Information Server Engine CVE-2012-4818 Content VULNERABILITY DETAILS: CVE ID: CVE-2012-4818 DESCRIPTION: Whenever an Information Server client application such as InfoSphere DataStage and QualitySta...
Security Bulletin: IBM InfoSphere Information Analyzer is affected by a cross-site scripting vulnerability in jQuery-UI(CVE-2021-41184)
Summary A cross-site scripting vulnerability in jQuery-UI used by IBM InfoSphere Information Analyzer was addressed. Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .positio...
Security Bulletin: IBM InfoSphere Information Analyzer is vulnerable to cross-site scripting.
Summary A cross-site scripting vulnerability in IBM InfoSphere Information Analyzer was addressed. Vulnerability Details CVEID: CVE-2021-29712 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...
IBM InfoSphere Information Server 跨站脚本漏洞
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Analyzer that allows a user to...
Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server
Summary A vulnerability in Apache Solr lucene was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding allowlist mechanism in the shards parameter. By...
Security Bulletin: IBM InfoSphere Information Analyzer is affected by an AngularJS client-side template injection vulnerability
Summary An AngularJS client-side template injection vulnerability was addressed by IBM InfoSphere Information Analyzer. Vulnerability Details CVEID: CVE-2019-4660DESCRIPTION: It is possible to inject AngularJS template syntax in an internal page request within Information Analyzer, which is...
IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Analyzer Template Injection Vulnerability
IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Analyzer are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a cloud-based data IBM InfoSphere Information Analyzer is a data analysis component. IBM InfoSphere Information Analyzer is...
Security Bulletin: A vulnerability in Apache Solr affects IBM InfoSphere Information Server
Summary A vulnerability in Apache Solr was addressed by IBM InfoSphere Information Server. Vulnerability Details CVE-ID: CVE-2019-0192 Description: Apache Solr could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization of untrusted data flaw in...
Security Bulletin: IBM InfoSphere Information Analyzer and Information Governance Catalog is affected by an Information Disclosure vulnerability
Summary An Information Disclosure vulnerability was addressed by IBM InfoSphere Information Analyzer and Information Governance Catalog. Vulnerability Details CVEID: CVE-2019-4257 DESCRIPTION: IBM InfoSphere Information Analyzer is affected by an information disclosure vulnerability. Sensitive...
Security Bulletin: A vulnerability in Apache Solr affects IBM InfoSphere Information Server
Summary A vulnerability in Apache Solr was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2017-12629 DESCRIPTION: Apache Lucene could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of XML External Entity XXE entries...
Security Bulletin: Multiple vulnerabilities in Jackson-databind affect IBM InfoSphere Information Server
Summary Multiple vulnerabilities in Jackson-databind were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-5968 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By...
Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Information Server (CVE-2016-0729)
Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reportin...
CVE-2013-4056
Cross-site request forgery CSRF vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2013-4056
Cross-site request forgery CSRF vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users...