Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
infosphere information server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-1994
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494.
Ibm Infosphere Information Server On Cloud 11.5
Ibm Infosphere Information Server On Cloud 11.7
Ibm Infosphere Metadata Asset Manager 11.7
Ibm Infosphere Metadata Asset Manager 11.5
NA
CVE-2013-0477
Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 and 10.1 before FP1 and InfoSphere Master Data Management Server for Product Information Management 6.0, 9.0, and 9.1 allow remote authenticated users to inje...
Ibm Infosphere Master Data Management Collaboration Server 10.0.1
Ibm Infosphere Master Data Management Collaboration Server 10.0.0
Ibm Infosphere Master Data Management Server For Product Information Management 9.1.0
Ibm Infosphere Master Data Management Server For Product Information Management 6.0.0
Ibm Infosphere Master Data Management Server For Product Information Management 9.0.0
NA
CVE-2013-0478
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 and 10.1 before FP1 and InfoSphere Master Data Management Server for Product Information Management 6.0, 9.0, and 9.1 allows remote authenticated users to inject arbitra...
Ibm Infosphere Master Data Management Collaboration Server 10.0.1
Ibm Infosphere Master Data Management Collaboration Server 10.0.0
Ibm Infosphere Master Data Management Server For Product Information Management 9.1.0
Ibm Infosphere Master Data Management Server For Product Information Management 6.0.0
Ibm Infosphere Master Data Management Server For Product Information Management 9.0.0
7.5
CVSSv3
CVE-2023-24959
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.
Ibm Infosphere Information Server
8.8
CVSSv3
CVE-2023-22877
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368.
Ibm Infosphere Information Server
8.8
CVSSv3
CVE-2023-23473
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.
Ibm Infosphere Information Server
3.3
CVSSv3
CVE-2020-4886
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910.
Ibm Infosphere Information Server 11.7
6.5
CVSSv3
CVE-2021-38887
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information from application response requests that could be used in further attacks against the system. IBM X-Force ID: 209401.
Ibm Infosphere Information Server 11.7
5.4
CVSSv3
CVE-2021-38952
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Fo...
Ibm Infosphere Information Server 11.7
7.5
CVSSv3
CVE-2021-29875
IBM InfoSphere Information Server 11.7 could allow an malicious user to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572.
Ibm Infosphere Information Server 11.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »