|
313661
|
9.8 |
CRITICAL
Network
|
profelis
|
passbox
|
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affec…
|
CWE-287
CWE-306
CWE-285
Improper Authentication
Missing Authentication for Critical Function
Improper Authorization
|
CVE-2024-7015
|
2024-09-23 18:15 |
2024-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313662
|
- |
|
-
|
-
|
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.
|
-
|
CVE-2024-27185
|
2024-09-22 14:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313663
|
7.5 |
HIGH
Network
|
ibm
|
maximo_application_suite
|
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man i…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-37068
|
2024-09-21 19:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313664
|
8.2 |
HIGH
Network
|
ibm
|
security_verify_access_docker
security_verify_access
|
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit …
|
CWE-601
Open Redirect
|
CVE-2024-35133
|
2024-09-21 19:15 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313665
|
8.1 |
HIGH
Network
|
ibm
|
app_connect_enterprise_certified_container
|
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in run…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2022-43915
|
2024-09-21 19:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313666
|
6.5 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2023-47728
|
2024-09-21 19:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313667
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-F…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-25024
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313668
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default con…
|
NVD-CWE-noinfo
|
CVE-2024-35136
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313669
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a s…
|
CWE-74
Injection
|
CVE-2024-31882
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313670
|
7.5 |
HIGH
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configura…
|
NVD-CWE-noinfo
|
CVE-2024-28799
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
