Lucene search
+L

136 matches found

OSV
OSV
added 2024/06/30 6:15 p.m.3 views

CVE-2023-50952

IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 275774...

5.4CVSS5.8AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/30 12:0 a.m.9 views

PT-2024-4807 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted sessio...

5.5CVSS6.7AI score0.003EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/30 12:0 a.m.9 views

PT-2024-4811 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is caused by weaknesses in the authorization procedure of the InfoSphere Information Server platform. This allows an attacker to modify arbitrary projects, potentially givi...

3.3CVSS6.7AI score0.00162EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 10:45 p.m.31 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-50964)

Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50964 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...

5.4CVSS5.2AI score0.00261EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 10:42 p.m.16 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to improper error handling (CVE-2023-50953)

Summary An improper error handling vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50953 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical error message is...

5.4CVSS4.5AI score0.00327EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 9:52 p.m.21 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to information exposure in a URL (CVE-2023-50954)

Summary An information exposure vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-50954 DESCRIPTION: IBM InfoSphere Information Server returns sensitive information in URL information that could be used in further attacks against the system. CVSS...

5.3CVSS4.4AI score0.00356EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 9:32 p.m.16 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to insecure authorization (CVE-2023-35022)

Summary An insecure authorization vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-35022 DESCRIPTION: IBM InfoSphere Information Server could allow a local user to update projects that they do not have the authorization to access. CVSS Base...

3.3CVSS3.5AI score0.00162EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 9:20 p.m.40 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Psf Requests (CVE-2024-35195)

Summary A vulnerability in Psf Requests used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect control flow implementation...

5.6CVSS5.5AI score0.0034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 9:10 p.m.28 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in XNIO (CVE-2023-5685)

Summary A vulnerability in XNIO used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-5685 DESCRIPTION: XNIO is vulnerable to a denial of service, caused by a stack overflow exception when the chain of notifier states becomes problematically large. By sending a...

7.5CVSS7.5AI score0.03479EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 8:38 p.m.14 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting (CVE-2024-28795)

Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-28795 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co...

5.4CVSS5.2AI score0.003EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/04 6:11 p.m.52 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2024) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2024. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified...

7.5CVSS5AI score0.01361EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2024/03/26 12:0 a.m.21 views

IBM InfoSphere Information Server Log Information Disclosure Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server version...

6.5CVSS5.7AI score0.00495EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.6 views

IBM InfoSphere Information Server 日志信息泄露漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server version...

6.5CVSS5.7AI score0.00495EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/20 12:44 a.m.42 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Bouncy Castle Crypto Package for Java

Summary Multiple vulnerabilities in Bouncy Castle Crypto Package for Java used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...

5.5CVSS7.3AI score0.00932EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/19 11:20 p.m.59 views

Security Bulletin: IBM InfoSphere Information Server is affected by OpenSSL Vulnerability (CVE-2023-2650)

Summary A vulnerability in OpenSSL used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CM...

6.5CVSS7AI score0.75116EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2024/03/06 12:0 a.m.20 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-12706)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

6.1CVSS6.3AI score0.00394EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/20 5:49 p.m.17 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-33843)

Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-33843 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...

5.4CVSS5.3AI score0.0036EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/30 3:24 p.m.36 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in MiniZip (CVE-2023-45853)

Summary A denial of service vulnerability in MiniZip that is used by the ODBC drivers included in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caused by an integer overflow and resultant...

9.8CVSS9.4AI score0.03179EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.9 views

WordPress plugin CSS & JavaScript Toolbox Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

6.5CVSS6.1AI score0.00328EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/13 2:14 p.m.21 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (October 2023) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified...

5.9CVSS6.2AI score0.014EPSS
Exploits0Affected Software1
Rows per page
Query Builder