Filtered by vendor Ibm
Subscriptions
Total
7897 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39733 | 1 Ibm | 1 Datacap | 2024-11-21 | 5.5 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972. | ||||
| CVE-2024-39732 | 1 Ibm | 1 Datacap | 2024-11-21 | 4.1 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791. | ||||
| CVE-2024-39731 | 1 Ibm | 1 Datacap | 2024-11-21 | 5.9 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 295970. | ||||
| CVE-2024-39729 | 1 Ibm | 2 Datacap, Datacap Navigator | 2024-11-21 | 4.3 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968. | ||||
| CVE-2024-39728 | 1 Ibm | 2 Datacap, Datacap Navigator | 2024-11-21 | 6.4 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 295967. | ||||
| CVE-2024-39723 | 1 Ibm | 1 Storage Virtualize | 2024-11-21 | 4.6 Medium |
| IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935. | ||||
| CVE-2024-38330 | 1 Ibm | 1 I | 2024-11-21 | 7 High |
| IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due to an unqualified library program call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 295227. | ||||
| CVE-2024-38329 | 1 Ibm | 1 Storage Protect For Virtual Environments | 2024-11-21 | 7.7 High |
| IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this vulnerability to change its settings, trigger backups, restore backups, and also delete all previous backups via log rotation. IBM X-Force ID: 294994. | ||||
| CVE-2024-38322 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-11-21 | 5.3 Medium |
| IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869. | ||||
| CVE-2024-38319 | 1 Ibm | 1 Soar | 2024-11-21 | 7.5 High |
| IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830. | ||||
| CVE-2024-37533 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 2.4 Low |
| IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727. | ||||
| CVE-2024-37532 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 8.8 High |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. IBM X-Force ID: 294721. | ||||
| CVE-2024-37528 | 1 Ibm | 1 Cloud Pak For Business Automation | 2024-11-21 | 4.8 Medium |
| IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 294293. | ||||
| CVE-2024-35156 | 1 Ibm | 2 Mq, Mq Appliance | 2024-11-21 | 6.5 Medium |
| IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766. | ||||
| CVE-2024-35155 | 1 Ibm | 2 Mq, Mq Appliance | 2024-11-21 | 6.5 Medium |
| IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292765. | ||||
| CVE-2024-35154 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 7.2 High |
| IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 292641. | ||||
| CVE-2024-35153 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 4.8 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 292640. | ||||
| CVE-2024-35139 | 1 Ibm | 2 Security Access Manager, Security Verify Access Docker | 2024-11-21 | 6.2 Medium |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415. | ||||
| CVE-2024-35137 | 1 Ibm | 2 Security Access Manager, Security Verify Access Docker | 2024-11-21 | 6.2 Medium |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413. | ||||
| CVE-2024-35119 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.3 Medium |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342. | ||||