136 matches found
CVE-2023-50952
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 275774...
PT-2024-4807 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted sessio...
PT-2024-4811 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is caused by weaknesses in the authorization procedure of the InfoSphere Information Server platform. This allows an attacker to modify arbitrary projects, potentially givi...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-50964)
Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50964 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
Security Bulletin: IBM InfoSphere Information Server is vulnerable due to improper error handling (CVE-2023-50953)
Summary An improper error handling vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50953 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical error message is...
Security Bulletin: IBM InfoSphere Information Server is vulnerable due to information exposure in a URL (CVE-2023-50954)
Summary An information exposure vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50954 DESCRIPTION: IBM InfoSphere Information Server returns sensitive information in URL information that could be used in further attacks against the system. CVSS...
Security Bulletin: IBM InfoSphere Information Server is vulnerable due to insecure authorization (CVE-2023-35022)
Summary An insecure authorization vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-35022 DESCRIPTION: IBM InfoSphere Information Server could allow a local user to update projects that they do not have the authorization to access. CVSS Base...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Psf Requests (CVE-2024-35195)
Summary A vulnerability in Psf Requests used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect control flow implementation...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in XNIO (CVE-2023-5685)
Summary A vulnerability in XNIO used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-5685 DESCRIPTION: XNIO is vulnerable to a denial of service, caused by a stack overflow exception when the chain of notifier states becomes problematically large. By sending a...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting (CVE-2024-28795)
Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-28795 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2024) affect IBM InfoSphere Information Server
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2024. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified...
IBM InfoSphere Information Server Log Information Disclosure Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server version...
IBM InfoSphere Information Server 日志信息泄露漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server version...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Bouncy Castle Crypto Package for Java
Summary Multiple vulnerabilities in Bouncy Castle Crypto Package for Java used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...
Security Bulletin: IBM InfoSphere Information Server is affected by OpenSSL Vulnerability (CVE-2023-2650)
Summary A vulnerability in OpenSSL used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CM...
IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-12706)
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-33843)
Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-33843 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in MiniZip (CVE-2023-45853)
Summary A denial of service vulnerability in MiniZip that is used by the ODBC drivers included in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caused by an integer overflow and resultant...
WordPress plugin CSS & JavaScript Toolbox Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK (October 2023) affect IBM InfoSphere Information Server
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified...