Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-29875: IBM InfoSphere Information Server information disclosure CVE-2021-29875 Vulnerability Report

IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572.

CVE
#vulnerability

Related news

CVE-2021-29888: IBM X-Force Exchange

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.

CVE-2021-29888: IBM InfoSphere Information Server cross-site request forgery CVE-2021-29888 Vulnerability Report

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.

CVE-2021-20526: Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 198755.

CVE-2021-20552: Security Bulletin: Information Disclosure Vulnerabilty Affects IBM Sterling File Gateway User Interface (CVE-2021-20552)

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170.

CVE-2020-4941: IBM Edge information disclosure CVE-2020-4941 Vulnerability Report

IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.

CVE-2021-20485: Security Bulletin: Information Disclosure Vulnerabilities Affect IBM Sterling B2B File Gateway User Interface (CVE-2021-20485, CVE-2021-20563)

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667.

CVE-2021-20377: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2021-20377, CVE-2020-4690)

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569.

CVE-2021-20377: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2021-20377, CVE-2020-4690)

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569.

CVE-2021-20433: Security Bulletin: IBM Security Guardium is affected by an Information Exposure vulnerability

IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345.

CVE-2021-29773: Security Bulletin: IBM Security Guardium is affected by the following vulnerabilities ( CVE-2021-29773, CVE-2021-2161)

IBM Security Guardium 10.6 and 11.3 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 202865.

CVE-2021-20508: IBM Security Secret Server information disclosure CVE-2021-20508 Vulnerability Report

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322.

CVE-2021-20569: IBM Security Secret Server information disclosure CVE-2021-20569 Vulnerability Report

IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation. IBM X-Force ID: 199243.

CVE-2021-20500: IBM Security Verify Access Docker information disclosure CVE-2021-20500 Vulnerability Report

IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.

CVE-2021-20497: IBM Security Verify Access Docker information disclosure CVE-2021-20497 Vulnerability Report

IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969

CVE-2021-20498: IBM Security Verify Access Docker information disclosure CVE-2021-20498 Vulnerability Report

IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requets that could be used in further attacks against the system. IBM X-Force ID: 197972.

CVE-2021-20499: IBM Security Verify Access Docker information disclosure CVE-2021-20499 Vulnerability Report

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907