EUVD-2026-32423

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

CVE-2025-33111

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...

CVE-2025-2534

CVE-2025-2534 affects IBM Db2 Big SQL on Cloud Pak for Data (versions 7.6–7.8 on CPD 4.8–5.2) and IBM Db2 Big SQL on Cloud Pak for Data; a specially crafted query can cause the server to crash (DoS). Remediation: upgrade to IBM Db2 Big SQL 8.3 or later (on Cloud Pak for Data 5.3+). Affected CPD v...

EUVD-2025-27838

Malicious code in bioql PyPI...

IBM Controller 安全漏洞

IBM Controller is a Web-based financial consolidation tool from International Business Machines IBM. A security vulnerability exists in IBM Controller versions 11.0.0, 11.0.1, and 11.1.0 that stems from the potential disclosure of sensitive credentials...

PT-2025-1040 · Ibm · Ibm Cognos Controller +1

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 11.0.0 through 11.0.1 IBM Controller version 11.1.0 Description: The issue is related to the error reporting mechanism in IBM Cognos Controller and IBM Controller, which could allow a remote attacker to obtain...

PT-2023-10678 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab Community and Enterprise Edition versions 11.1.0 through 11.1.7 GitLab Community and Enterprise Edition versions 11.2.0 through 11.2.4 GitLab Community and Enterprise Edition versions 11.3.0 through 11.3.1 Description: An issue was...

HCL Technologies Campaign Cross-Site Scripting Vulnerability

HCL Technologies Campaign is a suite of management solutions from HCL Technologies India to help marketers design, execute, measure and optimize marketing campaigns. A cross-site scripting vulnerability exists in HCL Technologies Campaign versions 10.1.x, 11.0.1 and 11.1.0.x. The vulnerability ca...

Cisco Email Security Appliance AsyncOS Input Validation Error Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. An input validation error vulnerability exists in the email filtering feature in Cisco AsyncOS Software versions 12.1.0-085 and 11.1.0-131, which stem...

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2019-25041)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...