11 matches found
CVE-2025-36364 IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters.
IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...
CVE-2024-22333 IBM Maximo Application Suite information disclosure
IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973...
CVE-2022-43841 IBM Aspera Console information disclosure
IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an information disclosure vulnerability that originates from the use of an iframe with an 'about:blank' source to store data in local memory, which can be exploited by an...
Security Bulletin: IBM CICS TX Standard is vulnerable to allowing web pages to be stored locally which can then be accessed by other users on the system (CVE-2022-34312).
Summary IBM CICS TX Standard could allow web pages to be sored locally which can then be accessed by other users on the system. The fix removes this vulnerability CVE-2022-34312 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34312 DESCRIPTION: IBM CICS TX allows web pages to be...
Code injection
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447...
Code injection
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...
Remote code execution
Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files exe,sh,bat,jar in the Contact section of the mailbox as an avatar image for ...
Code injection
IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774...
Code injection
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158882...
Code injection
IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 143118...