|
2441
|
7.5 |
HIGH
Network
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configura…
|
NVD-CWE-noinfo
|
CVE-2024-28799
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2442
|
4.1 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-38382
|
2024-09-21 19:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2443
|
5.5 |
MEDIUM
Local
|
ibm
|
datacap
|
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-39733
|
2024-09-21 19:15 |
2024-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2444
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local use…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-25023
|
2024-09-21 19:15 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2445
|
5.3 |
MEDIUM
Network
ibm
|
robotic_process_automation
robotic_process_automation_as_a_service
robotic_process_automation_for_cloud_pak
|
IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could aid in further attacks against the system. IBM X-Force ID: …
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2022-38710
|
2024-09-21 19:15 |
2022-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2446
|
8.8 |
HIGH
Local
|
siemens
|
omnivise_t3000_whitelisting_server
omnivise_t3000_thin_client
omnivise_t3000_product_data_management
omnivise_t3000_domain_controller
omnivise_t3000_application_server
omnivise_t3000_t…
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-38877
|
2024-09-21 08:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2447
|
9.8 |
CRITICAL
Network
siemens
|
omnivise_t3000_application_server
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system expos…
|
NVD-CWE-noinfo
|
CVE-2024-38879
|
2024-09-21 08:26 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2448
|
5.3 |
MEDIUM
Network
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manip…
|
NVD-CWE-Other
|
CVE-2024-6128
|
2024-09-21 08:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2449
|
9.8 |
CRITICAL
Network
brainstormforce
|
convert_pro
|
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
|
CWE-862
Missing Authorization
|
CVE-2023-36684
|
2024-09-21 08:19 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2450
|
8.8 |
HIGH
Network
|
brainstormforce
|
spectra
|
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
|
CWE-862
Missing Authorization
|
CVE-2023-36676
|
2024-09-21 08:11 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
