Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-38315 | Insufficient Session Expiration vulnerability in IBM Aspera Shares 1.10.0/1.9.14 IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2024-09-13 | CVE-2024-43180 | Cleartext Transmission of Sensitive Information vulnerability in IBM Concert 1.0 IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2024-09-10 | CVE-2024-27257 | Unspecified vulnerability in IBM Openpages GRC Platform and Openpages With Watson IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. | 4.3 |
| 2024-09-07 | CVE-2024-37068 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Maximo Application Suite 8.10/8.11/9.0 IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques. | 7.5 |
| 2024-09-07 | CVE-2024-40680 | Allocation of Resources Without Limits or Throttling vulnerability in IBM MQ Operator 2.0.26/3.2.4 IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault. | 5.5 |
| 2024-09-05 | CVE-2024-45096 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. | 6.5 |
| 2024-09-05 | CVE-2024-45097 | Interpretation Conflict vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | 7.1 |
| 2024-09-05 | CVE-2024-45098 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | 8.1 |
| 2024-09-04 | CVE-2024-45074 | Path Traversal vulnerability in IBM Webmethods Integration 10.15 IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. | 6.5 |
| 2024-09-04 | CVE-2024-45075 | Unspecified vulnerability in IBM Webmethods Integration 10.15 IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication. | 8.8 |