261
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default con…
|
NVD-CWE-noinfo
|
CVE-2024-35136
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
262
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a s…
|
CWE-74
Injection
|
CVE-2024-31882
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263
|
7.5 |
HIGH
Network
ibm
|
cloud_pak_for_security qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configura…
|
NVD-CWE-noinfo
|
CVE-2024-28799
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
264
|
4.1 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security qradar_suite
|
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-38382
|
2024-09-21 19:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265
|
5.5 |
MEDIUM
Local
|
ibm
|
datacap
|
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-39733
|
2024-09-21 19:15 |
2024-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_pak_for_security qradar_suite
|
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local use…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-25023
|
2024-09-21 19:15 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267
|
5.3 |
MEDIUM
Network
ibm
|
robotic_process_automation robotic_process_automation_as_a_service robotic_process_automation_for_cloud_pak
|
IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could aid in further attacks against the system. IBM X-Force ID: …
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2022-38710
|
2024-09-21 19:15 |
2022-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
268
|
- |
|
-
|
-
|
A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9048
|
2024-09-21 18:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269
|
4.4 |
MEDIUM
Network
|
-
|
-
|
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.9.16 due to insufficient input sanitiza…
|
CWE-80
Basic XSS
|
CVE-2024-8680
|
2024-09-21 18:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270
|
- |
|
-
|
-
|
This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbi…
|
-
|
CVE-2024-6787
|
2024-09-21 14:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|