📦 InfoSphere Information Server

by IBM

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2022-31768

CRITICAL CVSS 9.8 Jun 6, 2022

This SQL injection vulnerability in IBM InfoSphere Information Server 11.7 allows remote attackers to execute arbitrary SQL commands against the back-end database. Attackers could potentially view, mo...

CVE-2021-38948

CRITICAL CVSS 9.1 Nov 2, 2021

IBM InfoSphere Information Server 11.7 has an XML External Entity Injection (XXE) vulnerability that allows attackers to read sensitive files from the server or cause denial of service through resourc...

CVE-2020-27583

CRITICAL CVSS 9.8 Jan 26, 2021

CVE-2020-27583 is a critical Java deserialization vulnerability in IBM InfoSphere Information Server 8.5.0.0 that allows unauthenticated remote attackers to execute arbitrary code on affected systems....

CVE-2026-1567

HIGH CVSS 7.1 Mar 3, 2026

This XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server allows attackers to read sensitive files from the server by exploiting improper XML parsing. Organizations running aff...

CVE-2025-12531

HIGH CVSS 7.1 Nov 3, 2025

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an XML external entity injection (XXE) vulnerability that allows remote attackers to read sensitive files from the server o...

CVE-2025-33003

HIGH CVSS 7.8 Oct 31, 2025

This vulnerability in IBM InfoSphere Information Server allows non-root users within a container environment to escalate their privileges to root-level capabilities. It affects versions 11.7.0.0 throu...

CVE-2025-3221

HIGH CVSS 7.5 Jun 21, 2025

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a resource exhaustion vulnerability due to insufficient validation of incoming requests. A remote attacker could send speci...

CVE-2024-28798

HIGH CVSS 7.2 Jun 30, 2024

IBM InfoSphere Information Server 11.7 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could enab...

CVE-2023-40699

HIGH CVSS 7.5 Dec 1, 2023

IBM InfoSphere Information Server 11.7 has an improper input validation vulnerability that allows remote attackers to cause denial of service. This affects organizations running vulnerable versions of...

CVE-2023-32336

HIGH CVSS 8.8 May 22, 2023

IBM InfoSphere Information Server 11.7 has a remote code execution vulnerability due to insecure deserialization in an RMI service. Attackers can exploit this to execute arbitrary code on affected sys...

CVE-2023-30441

HIGH CVSS 7.5 Apr 29, 2023

This vulnerability in IBM Runtime Environment Java Technology Edition's IBMJCEPlus and JSSE components could expose sensitive information due to cryptographic weaknesses. It affects IBM Java 8.0.7.0 t...

CVE-2021-29875

HIGH CVSS 7.5 Nov 2, 2021

IBM InfoSphere Information Server 11.7 has an insecure third-party domain access vulnerability that could allow attackers to obtain sensitive information. This affects organizations running vulnerable...

CVE-2021-29730

HIGH CVSS 8.8 Jul 9, 2021

CVE-2021-29730 is a SQL injection vulnerability in IBM InfoSphere Information Server 11.7 that allows remote attackers to execute arbitrary SQL commands. This could enable attackers to view, modify, o...

CVE-2026-1265

MEDIUM CVSS 4.3 Mar 3, 2026

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 write sensitive information to log files, potentially exposing credentials or other confidential data. This affects organizations u...

CVE-2025-12832

MEDIUM CVSS 4.6 Dec 8, 2025

This CVE describes a server-side request forgery (SSRF) vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. An authenticated attacker could exploit this to send unau...

CVE-2025-36034

MEDIUM CVSS 5.3 Jun 26, 2025

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 transmits sensitive user information in unencrypted API requests, allowing attackers to intercept this data via man-in-...

CVE-2025-1138

MEDIUM CVSS 4.3 May 15, 2025

IBM InfoSphere Information Server 11.7 contains an information disclosure vulnerability where authenticated users can access directory listings that reveal sensitive system information. This could pro...

CVE-2024-22351

MEDIUM CVSS 6.3 Apr 23, 2025

IBM InfoSphere Information Server 11.7 fails to properly invalidate user sessions after logout, allowing authenticated users to reuse old session tokens to impersonate other users. This affects organi...

CVE-2024-7577

MEDIUM CVSS 4.4 Mar 29, 2025

IBM InfoSphere Information Server 11.7 may expose sensitive user credentials in log files during new installations. This vulnerability allows attackers with access to installation logs to obtain authe...

CVE-2024-43186

MEDIUM CVSS 5.3 Mar 29, 2025

IBM InfoSphere Information Server 11.7 contains an information disclosure vulnerability where authenticated users can access sensitive local data under certain conditions. This affects organizations u...

CVE-2024-40706

MEDIUM CVSS 5.3 Jan 24, 2025

IBM InfoSphere Information Server 11.7 exposes sensitive version information to remote users, which could be used for reconnaissance in targeted attacks. This affects systems running the vulnerable ve...

CVE-2024-52363

MEDIUM CVSS 6.5 Jan 17, 2025

IBM InfoSphere Information Server 11.7 contains a directory traversal vulnerability that allows remote attackers to read arbitrary files on the system by sending specially crafted URL requests contain...

CVE-2024-52901

MEDIUM CVSS 6.5 Dec 12, 2024

IBM InfoSphere Information Server 11.7 contains an improper input validation vulnerability in its GUI component. Authenticated users can cause the GUI to stop loading or become unresponsive, disruptin...

CVE-2024-40704

MEDIUM CVSS 4.9 Aug 15, 2024

IBM InfoSphere Information Server 11.7 contains an information disclosure vulnerability where privileged users can access sensitive authentication data from request headers. This affects organizations...

CVE-2024-40689

MEDIUM CVSS 6.0 Jul 26, 2024

IBM InfoSphere Information Server 11.7 contains a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands. This could enable attackers to read, modify, or delete dat...

CVE-2024-28794

MEDIUM CVSS 5.4 Jun 30, 2024

IBM InfoSphere Information Server 11.7 contains a cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could enable atta...

CVE-2024-31898

MEDIUM CVSS 5.4 Jun 30, 2024

This vulnerability in IBM InfoSphere Information Server 11.7 allows authenticated users to bypass authorization controls and access or modify sensitive data they shouldn't have permission to view. It ...

CVE-2023-50953

MEDIUM CVSS 5.4 Jun 30, 2024

IBM InfoSphere Information Server 11.7 discloses sensitive technical error information to remote attackers. This information leakage could reveal system details useful for crafting further attacks. Or...

CVE-2024-35119

MEDIUM CVSS 5.3 Jun 30, 2024

IBM InfoSphere Information Server 11.7 discloses sensitive technical information in error messages, potentially revealing system details that could aid attackers in crafting further exploits. This aff...

CVE-2023-50954

MEDIUM CVSS 4.3 Jun 30, 2024

IBM InfoSphere Information Server 11.7 exposes sensitive information in URLs, potentially revealing system details that could aid attackers in reconnaissance or further exploitation. This affects orga...

CVE-2024-28795

MEDIUM CVSS 5.4 Jun 30, 2024

IBM InfoSphere Information Server 11.7 contains a cross-site scripting (XSS) vulnerability that allows attackers to inject malicious JavaScript into the web interface. This could lead to session hijac...