Filtered by vendor Ibm
Subscriptions
Total
7286 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-35140 | 1 Ibm | 1 Security Verify Access Docker | 2024-11-21 | 7.7 High |
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416. | ||||
CVE-2024-35139 | 1 Ibm | 2 Security Access Manager, Security Verify Access Docker | 2024-11-21 | 6.2 Medium |
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415. | ||||
CVE-2024-35137 | 1 Ibm | 2 Security Access Manager, Security Verify Access Docker | 2024-11-21 | 6.2 Medium |
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413. | ||||
CVE-2024-35119 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.3 Medium |
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342. | ||||
CVE-2024-35116 | 1 Ibm | 2 Mq, Mq Appliance | 2024-11-21 | 5.9 Medium |
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335. | ||||
CVE-2024-31919 | 1 Ibm | 2 Mq, Mq Appliance | 2024-11-21 | 5.9 Medium |
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used. IBM X-Force ID: 290259. | ||||
CVE-2024-31916 | 1 Ibm | 1 Openbmc | 2024-11-21 | 7.5 High |
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026. | ||||
CVE-2024-31912 | 1 Ibm | 2 Mq, Mq Appliance | 2024-11-21 | 7.5 High |
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894. | ||||
CVE-2024-31908 | 1 Ibm | 1 Planning Analytics Local | 2024-11-21 | 6.4 Medium |
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 289890. | ||||
CVE-2024-31907 | 1 Ibm | 1 Planning Analytics Local | 2024-11-21 | 5.4 Medium |
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 289889. | ||||
CVE-2024-31904 | 1 Ibm | 1 App Connect Enterprise | 2024-11-21 | 6.5 Medium |
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647. | ||||
CVE-2024-31902 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 4.3 Medium |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 289234. | ||||
CVE-2024-31898 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.4 Medium |
IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182. | ||||
CVE-2024-31897 | 1 Ibm | 1 Cloud Pak For Business Automation | 2024-11-21 | 4.3 Medium |
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 288178. | ||||
CVE-2024-31895 | 1 Ibm | 1 App Connect Enterprise | 2024-11-21 | 4.3 Medium |
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176. | ||||
CVE-2024-31894 | 1 Ibm | 1 App Connect Enterprise | 2024-11-21 | 4.3 Medium |
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175. | ||||
CVE-2024-31893 | 1 Ibm | 1 App Connect Enterprise | 2024-11-21 | 4.3 Medium |
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174. | ||||
CVE-2024-31890 | 1 Ibm | 1 I | 2024-11-21 | 7.8 High |
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 288171. | ||||
CVE-2024-31889 | 1 Ibm | 1 Planning Analytics Local | 2024-11-21 | 5.4 Medium |
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 288136. | ||||
CVE-2024-31887 | 1 Ibm | 1 Security Verify Privilege | 2024-11-21 | 7.5 High |
IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive information from the SOAP API. IBM X-Force ID: 287651. |