cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-40706,https://securityvulnerability.io/vulnerability/CVE-2024-40706,Remote Information Disclosure Vulnerability in IBM InfoSphere Information Server,"IBM InfoSphere Information Server version 11.7 is susceptible to a vulnerability that allows remote users to access sensitive version information. This exposure may facilitate further targeted attacks against the system, emphasizing the need for immediate remediation and protective measures to secure sensitive data.",IBM,Infosphere Information Server,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-24T15:20:36.596Z,0
CVE-2024-52363,https://securityvulnerability.io/vulnerability/CVE-2024-52363,Directory Traversal Vulnerability in IBM InfoSphere Information Server,"IBM InfoSphere Information Server 11.7 is vulnerable to a directory traversal attack. An attacker can exploit this vulnerability by sending a specially crafted URL that includes 'dot dot' sequences, such as '/../', allowing them to access unauthorized files on the server. This could lead to the exposure of sensitive information, potentially compromising the integrity and confidentiality of the system.",IBM,Infosphere Information Server,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,false,,2025-01-17T02:01:17.410Z,0
CVE-2021-29827,https://securityvulnerability.io/vulnerability/CVE-2021-29827,Cross-Frame Scripting Vulnerability in IBM InfoSphere Information Server,"IBM InfoSphere Information Server 11.7 is vulnerable to a cross-frame scripting vulnerability (CVE-2021-29827), allowing remote attackers to hijack the clicking actions of users. By tricking victims into visiting malicious websites, attackers can exploit this vulnerability, gaining the ability to manipulate user actions and launch further attacks. Organizations using this software should take immediate measures to mitigate potential risks associated with this critical vulnerability.",IBM,Infosphere Information Server,5.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-12-19T00:15:00.000Z,0
CVE-2024-52901,https://securityvulnerability.io/vulnerability/CVE-2024-52901,IBM InfoSphere Information Server 11.7 Vulnerability,"An input validation flaw in IBM InfoSphere Information Server 11.7 may allow an authenticated user to exploit the GUI, potentially causing it to fail to load or to stop functioning entirely. This vulnerability highlights the critical importance of proper input validation mechanisms in software applications, as failures in this area can lead to degraded user experience and operational disruption. Organizations using this product are advised to assess their configurations and apply necessary mitigations to prevent potential exploitation of this issue.",IBM,Infosphere Information Server,6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-12-12T16:06:31.783Z,0
CVE-2024-51460,https://securityvulnerability.io/vulnerability/CVE-2024-51460,Vulnerability in InfoSphere Information Server Could Lead to Sensitive Information Disclosure,IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system.,IBM,Infosphere Information Server,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-12-11T12:15:49.427Z,0
CVE-2023-23472,https://securityvulnerability.io/vulnerability/CVE-2023-23472,"IBM InfoSphere DataStage Flow Designer Vulnerability Could Lead to System Attacks","IBM InfoSphere DataStage Flow Designer, part of the InfoSphere Information Server suite, has a vulnerability that may enable authenticated users to access sensitive information. This information could potentially be leveraged for further attacks against the system. Proper security measures should be employed to mitigate the risks associated with this vulnerability, ensuring that sensitive data remains protected from unauthorized access.",IBM,Infosphere Information Server,3.1,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-12-11T12:14:54.975Z,0
CVE-2024-40704,https://securityvulnerability.io/vulnerability/CVE-2024-40704,Sensitive Information Disclosure in IBM InfoSphere Information Server,"A vulnerability in IBM InfoSphere Information Server 11.7 exists that may enable a privileged user to gain unauthorized access to sensitive information contained within authentication request headers. This flaw could expose confidential data, raising significant security concerns for enterprises relying on this system. Safeguarding sensitive data is paramount in today's security landscape.",IBM,Infosphere Information Server,4.9,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-08-15T17:15:00.000Z,0
CVE-2024-40705,https://securityvulnerability.io/vulnerability/CVE-2024-40705,Unrestricted File Upload Vulnerability in IBM InfoSphere Information Server,"The vulnerability in IBM InfoSphere Information Server allows authenticated users to perform unrestricted file uploads. This misconfiguration can lead to significant file space consumption, potentially disrupting normal operations and impacting system performance. Organizations using this product should assess their configurations to mitigate this risk.",IBM,Infosphere Information Server,6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-08-15T17:15:00.000Z,0
CVE-2024-39751,https://securityvulnerability.io/vulnerability/CVE-2024-39751,Information Disclosure Vulnerability in IBM InfoSphere Information Server,"IBM InfoSphere Information Server 11.7 presents a vulnerability that allows remote attackers to gain unauthorized access to sensitive information through detailed technical error messages returned in the browser. These messages can inadvertently disclose critical system information, potentially facilitating further targeted attacks on the system. Organizations using this software should review their configurations and error handling processes to mitigate exposure.",IBM,Infosphere Information Server,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-08-06T16:15:00.000Z,0
CVE-2024-40689,https://securityvulnerability.io/vulnerability/CVE-2024-40689,IBM InfoSphere Information Server Vulnerable to SQL Injection,"IBM InfoSphere Information Server 11.7 contains a vulnerability that exposes the system to SQL injection risks. Remote attackers can exploit this flaw by sending specially crafted SQL statements, effectively granting them unauthorized access to the back-end database. This exploitation may lead to unauthorized viewing, addition, modification, or deletion of sensitive information. Organizations using this software are strongly advised to implement recommended security measures to safeguard against potential threats to their database integrity.",IBM,Infosphere Information Server,9.8,CRITICAL,0.0007300000288523734,false,,false,false,false,,,false,false,,2024-07-26T13:27:26.097Z,0
CVE-2024-37533,https://securityvulnerability.io/vulnerability/CVE-2024-37533,Possible Disclosure of Sensitive User Information via Physical Access,IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.,IBM,Infosphere Information Server,4.6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-07-24T17:05:56.222Z,0
CVE-2023-50964,https://securityvulnerability.io/vulnerability/CVE-2023-50964,IBM InfoSphere Information Server Vulnerable to Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 276102.,IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:12:32.203Z,0
CVE-2024-28794,https://securityvulnerability.io/vulnerability/CVE-2024-28794,IBM InfoSphere Information Server Vulnerable to Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286831.,IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:10:00.260Z,0
CVE-2023-50953,https://securityvulnerability.io/vulnerability/CVE-2023-50953,Remote Attack Could Lead to Sensitive Information Disclosure,IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. IBM X-Force ID: 275775.,IBM,Infosphere Information Server,4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:08:20.068Z,0
CVE-2023-50952,https://securityvulnerability.io/vulnerability/CVE-2023-50952,IBM InfoSphere Information Server Vulnerable to Server-Side Request Forgery (SSRF),"IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 275774.",IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:06:11.581Z,0
CVE-2024-28797,https://securityvulnerability.io/vulnerability/CVE-2024-28797,IBM InfoSphere Information Server Vulnerable to Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 287136.,IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:03:50.828Z,0
CVE-2024-31898,https://securityvulnerability.io/vulnerability/CVE-2024-31898,Bypassing Authentication via Insecure Direct Object References,IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182.,IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T18:01:26.363Z,0
CVE-2023-50954,https://securityvulnerability.io/vulnerability/CVE-2023-50954,IBM InfoSphere Information Server Vulnerability Could Lead to Further Attacks,IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: 275776.,IBM,Infosphere Information Server,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-30T16:40:59.263Z,0
CVE-2024-31902,https://securityvulnerability.io/vulnerability/CVE-2024-31902,IBM InfoSphere Information Server Vulnerable to Cross-Site Request Forgery,"The vulnerability in IBM InfoSphere Information Server 11.7 enables a cross-site request forgery (CSRF) attack, allowing malicious actors to execute unauthorized actions on behalf of a trusted user. CSRF exploits the trust that a web application has in a user's session, which can lead to significant security breaches, including data manipulation or unauthorized access to sensitive information. Organizations utilizing IBM InfoSphere should take immediate precautions to mitigate the impacts of this vulnerability.",IBM,Infosphere Information Server,8.8,HIGH,0.0005499999970197678,false,,false,false,false,,,false,false,,2024-06-30T16:38:15.217Z,0
CVE-2024-35119,https://securityvulnerability.io/vulnerability/CVE-2024-35119,Remote Attack on IBM InfoSphere Information Server Could Lead to Sensitive Information Disclosure,IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342.,IBM,Infosphere Information Server,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-30T16:36:37.299Z,0
CVE-2024-28798,https://securityvulnerability.io/vulnerability/CVE-2024-28798,IBM InfoSphere Information Server Vulnerable to Stored Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 287172.,IBM,Infosphere Information Server,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-30T16:12:59.807Z,0
CVE-2023-35022,https://securityvulnerability.io/vulnerability/CVE-2023-35022,Local User Access to Unauthorized Projects,"IBM InfoSphere Information Server 11.7 is susceptible to a vulnerability that may enable a local user to modify projects beyond their authorized access levels. This flaw compromises access control mechanisms, creating potential risks for data integrity and security. Proper configurations and security measures are essential to mitigate unauthorized project updates by users lacking permissions.",IBM,Infosphere Information Server,3.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-30T16:10:56.752Z,0
CVE-2024-28795,https://securityvulnerability.io/vulnerability/CVE-2024-28795,IBM InfoSphere Information Server Vulnerable to Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286832.,IBM,Infosphere Information Server,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-30T16:00:18.030Z,0
CVE-2024-22352,https://securityvulnerability.io/vulnerability/CVE-2024-22352,Log File Vulnerability Could Allow Local User Access,IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 280361.,IBM,Infosphere Information Server,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-21T02:52:00.000Z,0
CVE-2023-50303,https://securityvulnerability.io/vulnerability/CVE-2023-50303,IBM InfoSphere Information Server Vulnerable to Cross-Site Scripting,IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 273333.,IBM,Infosphere Information Server,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-02-28T00:10:22.262Z,0