Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2024-06-30 CVE-2024-35119 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace.
network
low complexity
ibm
5.3
2024-06-30 CVE-2023-35022 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access.
local
low complexity
ibm
3.3
2024-06-30 CVE-2024-28795 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2024-06-28 CVE-2022-38383 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
2024-06-28 CVE-2024-25031 Unspecified vulnerability in IBM Storage Defender 2.0.0/2.0.4
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials.
low complexity
ibm
6.5
2024-06-28 CVE-2024-25041 Unspecified vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is potentially vulnerable to cross site scripting (XSS).
network
low complexity
ibm
5.4
2024-06-28 CVE-2024-25053 Unspecified vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection.
network
high complexity
ibm
5.9
2024-06-28 CVE-2024-35116 Allocation of Resources Without Limits or Throttling vulnerability in IBM MQ
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes.
network
low complexity
ibm CWE-770
7.5
2024-06-28 CVE-2024-35156 Unspecified vulnerability in IBM MQ
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm
6.5
2024-06-28 CVE-2024-38322 Information Exposure Through Discrepancy vulnerability in IBM Storage Defender Resiliency Service
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration.
network
low complexity
ibm CWE-203
7.5