Lucene search
+L

1737 matches found

Vulnrichment
Vulnrichment
added 2026/03/17 9:50 p.m.2 views

CVE-2026-1267 IBM Planning Analytics Information Disclosure

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls...

6.5CVSS5.8AI score0.0033EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 9:50 p.m.23 views

CVE-2026-1267 IBM Planning Analytics Information Disclosure

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls...

6.5CVSS0.0033EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 9:50 p.m.4 views

CVE-2026-1267

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls...

6.5CVSS5.8AI score0.0033EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/17 9:50 p.m.22 views

CVE-2026-1267

IBM Planning Analytics Local versions 2.1.0–2.1.17 are affected by CVE-2026-1267 due to lack of proper access controls, enabling unauthorized access to sensitive data and administrative functionalities. The issue is documented across multiple feeds (NVD, Red Hat, ENISA EUVD, CVE list) with a base...

6.5CVSS5.8AI score0.0033EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/17 9:50 p.m.25 views

CVE-2025-14806 IBM Planning Analytics Information Disclosure

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources...

5.7CVSS0.00292EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 9:50 p.m.4 views

CVE-2025-14806

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 9:50 p.m.2 views

CVE-2025-14806 IBM Planning Analytics Information Disclosure

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 9:50 p.m.14 views

CVE-2025-14806

CVE-2025-14806 affects IBM Planning Analytics Local 2.1.0–2.1.17, where a flaw in the caching mechanism could allow an attacker to trick the cache into storing and serving sensitive, user-specific responses as publicly cacheable resources. The Red Hat/US IBM advisories and the IBM Security Bullet...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.15 views

PT-2026-25950

CVE-2025-14806 IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses a… https://t.co/pdQ0W8CD4d...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.7 views

IBM Planning Analytics Local 安全漏洞

IBM Planning Analytics Local is a web-based local architecture of the International Business Machines IBM company. Versions of IBM Planning Analytics Local from 2.1.0 to 2.1.17 have security vulnerabilities. These vulnerabilities stem from caching mechanisms, which may allow attackers to trick th...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.10 views

IBM Planning Analytics Local 信息泄露漏洞

IBM Planning Analytics Local is a web-based local architecture of the International Business Machines IBM company. Versions of IBM Planning Analytics Local from 2.1.0 to 2.1.17 have information leakage vulnerabilities. These vulnerabilities stem from inadequate access control, which may allow...

6.5CVSS5.8AI score0.0033EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.13 views

PT-2026-25951

CVE-2026-1267 IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of pro… https://t.co/BQ9nfoG4xS...

6.5CVSS5.8AI score0.0033EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/16 9:53 p.m.9 views

Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics

Summary Multiple vulnerabilities were addressed in IBM Planning Analytics Local. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce...

7.5CVSS6.6AI score0.00459EPSS
Exploits3Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/15 12:0 a.m.4 views

Toward Secure Web to ERP Payment Flows: A Case Study of HTTP Header Trust Failures in SAP Based Systems

Electronic banking portals often sit in front of enterprise resource planning ERP systems such as SAP, mediating payment requests between users and back end financial infrastructure. When these integrations place excessive trust in client supplied HTTP metadata, subtle design flaws can arise that...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/11 4:25 p.m.1 views

CVE-2026-30236

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when editing a project budget and planning the labor cost, it was not checked that the user that was planned in the budget is actually a project member. This exposed the user's default rate if one was set up to...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.5 views

CVE-2025-36105

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

4.4CVSS5.8AI score0.00082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.6 views

CVE-2026-27687

Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.13 views

PT-2026-24740

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when editing a project budget and planning the labor cost, it was not checked that the user that was planned in the budget is actually a project member. This exposed the user's default rate if one was set up to...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.8 views

OpenProject 安全漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.0 had security vulnerabilities. These vulnerabilities stemmed from improper validation of user identities during the editing of project budgets, planning labor costs, and the front-end cost...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2025-208459

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

4.4CVSS5.8AI score0.00082EPSS
Exploits0References2
Rows per page
Query Builder