Lucene search
+L

1652 matches found

vulnrichment
vulnrichment
added 2026/03/25 8:22 p.m.3 views

CVE-2026-2485 IBM InfoSphere Information Server Cross-Site Scripting

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

4.8CVSS5.6AI score0.00187EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/25 8:22 p.m.6 views

CVE-2026-2485

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

4.8CVSS5.5AI score0.00187EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/03/25 8:20 p.m.4 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...

5.7CVSS5.9AI score0.00327EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/25 8:20 p.m.10 views

CVE-2025-14974

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...

5.7CVSS5.8AI score0.00327EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/03/25 8:20 p.m.25 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...

5.7CVSS0.00327EPSS
Exploits0References1
cve
cve
added 2026/03/25 8:20 p.m.13 views

CVE-2025-14974

CVE-2025-14974 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6 and is caused by insecure direct object reference (IDOR). Potential impact: unauthorized access to protected objects with high confidentiality impact as per sources. Affected versions and remediation are documented in IBM’...

7.5CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/03/25 8:19 p.m.6 views

CVE-2026-1262

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

4.3CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/03/25 8:19 p.m.1 views

CVE-2026-1262 IBM InfoSphere Information Server Information Disclosure

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

4.3CVSS5.8AI score0.00242EPSS
Exploits0References1
cve
cve
added 2026/03/25 8:19 p.m.20 views

CVE-2026-1262

IBM InfoSphere Information Server versions 11.7.0.0–11.7.1.6 are affected by an information disclosure vulnerability (CVE-2026-1262). The IBM bulletin attributes the issue to CWE-209 (generation of error messages containing sensitive information) and lists a CVSS v3.1 base score of 4.3 (AV:N/AC:L...

4.3CVSS5.8AI score0.00242EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/03/25 8:19 p.m.26 views

CVE-2026-1262 IBM InfoSphere Information Server Information Disclosure

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

4.3CVSS0.00242EPSS
Exploits0References1
nvd
nvd
added 2026/03/25 8:16 p.m.4 views

CVE-2025-14790

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials...

6.5CVSS0.00204EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/25 8:13 p.m.1 views

CVE-2025-14912 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References1
cve
cve
added 2026/03/25 8:13 p.m.8 views

CVE-2025-14912

IBM InfoSphere Information Server (versions 11.7.0.0–11.7.1.6) is affected by CVE-2025-14912, a server-side request forgery (SSRF) vulnerability. An authenticated attacker could cause the server to send unauthorized outbound requests, enabling network enumeration or related attacks. Remediation i...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/03/25 8:13 p.m.3 views

CVE-2025-14912

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/03/25 8:13 p.m.26 views

CVE-2025-14912 IBM InfoSphere Information Server is vulnerable to server-side request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS0.0022EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/25 8:11 p.m.2 views

CVE-2025-14810

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

6.3CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/03/25 8:11 p.m.2 views

CVE-2025-14810 IBM InfoSphere Information Server is vulnerable due to insufficient session expiration

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

6.3CVSS5.8AI score0.00242EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/25 8:11 p.m.26 views

CVE-2025-14810 IBM InfoSphere Information Server is vulnerable due to insufficient session expiration

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CWE: CWE-613: Insufficient Session Expirati...

6.3CVSS0.00242EPSS
Exploits0References1
cve
cve
added 2026/03/25 8:11 p.m.13 views

CVE-2025-14810

The CVE-2025-14810 issue affects IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. The root cause is that the product does not invalidate a user session after privileges are modified, which could allow an authenticated user to retain access to sensitive information. Multiple c...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1Affected Software1
cve
cve
added 2026/03/25 8:9 p.m.16 views

CVE-2025-14808

Summary: CVE-2025-14808 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6. The issue allows information disclosure by reading sensitive data from the query string of an HTTP GET request, potentially exploitable via man‑in‑the‑middle techniques. The root cause is disclosure through the q...

3.1CVSS5.8AI score0.00225EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder