Latest medium severity vulnerabilities for "ibm cognos analytics" 11.2.0-11.2.4 fp3

IBM Cognos AnalyticsIBM Cognos Analytics cross-site scripting

medium

5.4

First published (updated )

CVE-2024-25042

IBM Cognos AnalyticsIBM Cognos Analytics cross-site scripting

medium

5.4

First published (updated )

CVE-2024-25041

IBM Cognos AnalyticsIBM Cognos Analytics improper certificate validation

medium

5.9

First published (updated )

CVE-2024-25053

IBM Cognos AnalyticsIBM WebSphere Application Server server-side request forgery

medium

4.3

First published (updated )

CVE-2024-22329

IBM Cognos AnalyticsIBM WebSphere Application Server Liberty cross-site scripting

medium

4.7

EPSS

0.04%

First published (updated )

CVE-2024-27270

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Cognos AnalyticsNode.js is vulnerable to a denial of service, caused by a resource exhaustion flaw in fetch() brotli…

medium

6.5

EPSS

0.04%

First published (updated )

CVE-2024-22025

IBM Cognos AnalyticsIBM WebSphere Application Server Liberty information disclosure

medium

5.3

First published (updated )

CVE-2023-50312

IBM Cognos AnalyticsNode.js could allow a remote attacker to bypass security restrictions, caused by the improper handli…

medium

5

EPSS

0.04%

First published (updated )

CVE-2024-21890

Apache ShiroApache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

medium

6.6

First published (updated )

CVE-2023-46749

IBM Cognos AnalyticsInput Validation

medium

6.5

First published (updated )

CVE-2023-51775

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Apache Santuario XML Security for JavaApache Santuario: Private Key disclosure in debug-log output

medium

6.5

First published (updated )

CVE-2023-44483

IBM Cognos AnalyticsCode Injection

medium

5.3

First published (updated )

CVE-2023-39333

Eclipse JettyJetty's OpenId Revoked authentication allows one request

medium

4.3

First published (updated )

CVE-2023-41900

Eclipse JettyJetty accepts "+" prefixed value in Content-Length

medium

5.3

First published (updated )

CVE-2023-40167

Eclipse JettyJetty vulnerable to errant command quoting in CGI Servlet

medium

4.3

First published (updated )

CVE-2023-36479

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Eclipse JettyInfoleak

medium

5.3

First published (updated )

CVE-2023-26049

maven/org.eclipse.jetty:jetty-serverEclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServl…

medium

5.3

First published (updated )

CVE-2023-26048

IBM Cognos Analyticsvercel ms index.js parse redos

medium

5.3

First published (updated )

CVE-2017-20162

redhat/jettyInfoleak

medium

5.3

First published (updated )

CVE-2021-28169

IBM Cognos AnalyticsXSS

medium

6.5

First published (updated )

CVE-2021-3377

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Eclipse JettyXSS

medium

6.1

First published (updated )

CVE-2019-10241

IBM Cognos AnalyticsGNU C Library is vulnerable to a denial of service, caused by an error in the glob implementation. A…

medium

4

First published (updated )

CVE-2010-4756

IBM Cognos AnalyticsIBM Cognos Analytics cross-site scripting

IBM Cognos AnalyticsIBM Cognos Analytics cross-site scripting

IBM Cognos AnalyticsIBM Cognos Analytics improper certificate validation

IBM Cognos AnalyticsIBM WebSphere Application Server server-side request forgery

IBM Cognos AnalyticsIBM WebSphere Application Server Liberty cross-site scripting

Never miss a vulnerability like this again

IBM Cognos AnalyticsNode.js is vulnerable to a denial of service, caused by a resource exhaustion flaw in fetch() brotli…

IBM Cognos AnalyticsIBM WebSphere Application Server Liberty information disclosure

IBM Cognos AnalyticsNode.js could allow a remote attacker to bypass security restrictions, caused by the improper handli…

Apache ShiroApache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

IBM Cognos AnalyticsInput Validation

Never miss a vulnerability like this again

Apache Santuario XML Security for JavaApache Santuario: Private Key disclosure in debug-log output

IBM Cognos AnalyticsCode Injection

Eclipse JettyJetty's OpenId Revoked authentication allows one request

Eclipse JettyJetty accepts "+" prefixed value in Content-Length

Eclipse JettyJetty vulnerable to errant command quoting in CGI Servlet

Never miss a vulnerability like this again

Eclipse JettyInfoleak

maven/org.eclipse.jetty:jetty-serverEclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServl…

IBM Cognos Analyticsvercel ms index.js parse redos

redhat/jettyInfoleak

IBM Cognos AnalyticsXSS

Never miss a vulnerability like this again

Eclipse JettyXSS

IBM Cognos AnalyticsGNU C Library is vulnerable to a denial of service, caused by an error in the glob implementation. A…

Company

Resources

Contact