|
71
|
9.1 |
CRITICAL
Network
|
-
|
-
|
IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
New
|
CWE-78
OS Command
|
CVE-2024-51450
|
2025-02-6 10:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
72
|
7.8 |
HIGH
Local
|
-
|
-
|
IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges.
New
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-49814
|
2025-02-6 10:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
73
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user.
New
|
CWE-316
Cleartext Storage of Sensitive Information in Memory
|
CVE-2024-49800
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
74
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks ag…
New
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-49798
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
75
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability t…
New
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-49797
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
76
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to…
New
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2024-49796
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
77
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
New
|
CWE-352
Origin Validation Error
|
CVE-2024-49795
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
78
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
New
|
CWE-352
Origin Validation Error
|
CVE-2024-49794
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
79
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-49793
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
80
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-49792
|
2025-02-6 09:15 |
2025-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
