Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Infosphere Information Server Business Glossary
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1845 3 Ibm, Linux, Microsoft 8 Aix, Infosphere Governance Catalog, Infosphere Information Server and 5 more 2023-01-30 5.5 MEDIUM 7.1 HIGH
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150905.
CVE-2016-0280 1 Ibm 3 Information Server Framework, Infosphere Information Governance Catalog, Infosphere Information Server Business Glossary 2017-08-31 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog 11.3 before 11.3.1.2, and Information Server Framework and InfoSphere Information Governance Catalog 11.5 before 11.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.