5.1
CVE-2025-36440 - Multiple Vulnerabilities in IBM Concert Software
IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level access control.
7.3
CVE-2026-4822 - Enter Software Iperius Backup Backup Service temp file
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only poβ¦
5.1
CVE-2025-36438 - Multiple Vulnerabilities in IBM Concert Software
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints.
4.3
CVE-2025-36422 - IBM InfoSphere Information Server is vulnerable to cross-site request forgery
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
7.1
CVE-2025-36258 - IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user.
4.8
CVE-2026-2485 - IBM InfoSphere Information Server Cross-Site Scripting
IBM Infosphere Information ServerΒ 11.7.0.0 throughΒ 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusβ¦
4.3
CVE-2026-33249 - NATS: Message tracing can be redirected to arbitrary subject
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject, inclβ¦
5.7
CVE-2025-14974 - IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR).
6.4
CVE-2026-33223 - NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header `Nats-Request-Info:` is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages wasβ¦
4.3
CVE-2026-1262 - IBM InfoSphere Information Server Information Disclosure
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability.