Vulnerabilities > IBM > Infosphere Information Server > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-22 | CVE-2023-32336 | Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. | 9.8 |
2023-05-19 | CVE-2022-47984 | SQL Injection vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. | 9.8 |
2022-11-16 | CVE-2022-40752 | Command Injection vulnerability in IBM products IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. | 9.8 |
2022-11-03 | CVE-2022-40747 | XXE vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 9.1 |
2022-11-03 | CVE-2022-22425 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 9.8 |
2021-01-26 | CVE-2020-27583 | Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5 IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. | 9.8 |
2020-07-09 | CVE-2020-4305 | Deserialization of Untrusted Data vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. | 9.3 |
2013-01-31 | CVE-2012-0204 | Unspecified vulnerability in IBM products Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 9.3 |
2009-12-09 | CVE-2009-4240 | Buffer Errors vulnerability in IBM Infosphere Information Server 8.1 Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors. | 10.0 |