Lucene search
K

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/20 4:54 p.m.15 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to cross-site scripting and cross-site request forgery due to Angular [CVE-2025-66412, CVE-2026-22610, CVE-2025-66035]

Summary The IBM Db2 Mirror for i GUI uses the Angular web framework. The version of Angular used by IBM Db2 Mirror for i is vulnerable to cross-site scripting and cross-site request forgery as described in the vulnerability details section. IBM has addressed the vulnerabilities for IBM Db2 Mirror...

8.5CVSS5.2AI score0.00572EPSS
Exploits2Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-14143

Malware in sbrugna...

6.7CVSS6.5AI score0.00275EPSS
Exploits0References3
CVE
CVE
added 2023/12/18 7:9 p.m.55 views

CVE-2023-47741

CVE-2023-47741 affects IBM Db2 Mirror for i web browser clients and IBM i web browser clients on IBM i 7.3–7.5 (and Db2 Mirror for i 7.4–7.5). The issue allows clear-text passwords to linger in browser memory and be viewable via tools before garbage collection, potentially enabling an attacker wi...

5.3CVSS5.3AI score0.00333EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/15 5:38 p.m.23 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to an attacker obtaining sensitive information due to a vulnerability in web browser clients (CVE-2023-47741).

Summary IBM Db2 Mirror for i GUI is a web browser client interface implementation. The browser implementation could allow sensitive information including passwords to be left in memory which could be viewed using common tools for viewing process information on a PC CVE-2023-47741. IBM Db2 Mirror...

5.3CVSS5.2AI score0.00333EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 4:16 p.m.31 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928)

Summary IBM Db2 Mirror for i setup and GUI use the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM Db2 Mirror for i has addressed the...

6.5CVSS5.5AI score0.00638EPSS
Exploits0Affected Software4
Cvelist
Cvelist
added 2023/04/07 1:37 p.m.27 views

CVE-2022-43928 IBM Db2 Mirror for i information disclosure

The IBM Toolbox for Java Db2 Mirror for i 7.4 and 7.5 could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memor...

4.9CVSS6.2AI score0.00638EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/07 12:0 a.m.7 views

IBM Db2 安全漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The system is implemented in UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 Mirror for i version 7.4 and 7.5, which stems from the presence of sensitive...

6.5CVSS6.4AI score0.00638EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/09 10:48 p.m.13 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to denial of service due to gson 217225

Summary IBM Db2 Mirror for i setup and GUI use gson which is vulnerable to denial of service as described in the vulnerability details section. IBM has addressed the vulnerability for IBM Db2 Mirror for i. Vulnerability Details IBM X-Force ID: 217225 DESCRIPTION: Google Gson is vulnerable to a...

1.2AI score
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/09 10:48 p.m.85 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to directory traversal due to Moment.js (CVE-2022-24785)

Summary The IBM Db2 Mirror for i GUI uses Chart.js for data presentation and charting features. The version of Chart.js used by IBM Db2 Mirror for i depends upon Moment.js which is vulnerable to CVE-2022-24785 as described in the vulnerability details section. IBM has addressed the vulnerability...

7.5CVSS0.5AI score0.05664EPSS
Exploits0Affected Software3
Prion
Prion
added 2019/08/29 3:15 p.m.24 views

Design/Logic Flaw

IBM i 7.4 users who have done a Restore User Profile RSTUSRPRF on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this...

3.3CVSS6.1AI score0.00275EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/08/29 3:0 p.m.55 views

CVE-2019-4536

IBM i 7.4 configured with Db2 Mirror for i may be affected. During a Restore User Profile (RSTUSRPRF) on systems with Db2 Mirror, incorrect processing of a multi-profile restore could leave some user profiles with elevated privileges, enabling privilege escalation on the restored system. Remediat...

6.7CVSS6.1AI score0.00275EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/29 3:0 p.m.19 views

CVE-2019-4536

IBM i 7.4 users who have done a Restore User Profile RSTUSRPRF on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this...

6.7CVSS6.1AI score0.00275EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/08/29 12:0 a.m.5 views

PT-2019-17120 · Ibm · Ibm I +1

Name of the Vulnerable Software and Affected Versions: IBM i version 7.4 Description: The issue arises when a Restore User Profile RSTUSRPRF is performed on a system configured with Db2 Mirror for i, potentially resulting in user profiles having elevated privileges due to incorrect processing...

6.7CVSS6.1AI score0.00275EPSS
Exploits0References3
Rows per page
Query Builder