Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-20 | CVE-2024-43196 | Improper Following of a Certificate's Chain of Trust vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses. | 4.3 |
| 2025-02-20 | CVE-2024-49355 | Improper Output Neutralization for Logs vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. | 6.5 |
| 2025-02-20 | CVE-2024-49780 | Unspecified vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2025-02-20 | CVE-2024-49782 | Improper Validation of Certificate with Host Mismatch vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. | 8.2 |
| 2025-02-06 | CVE-2024-49791 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49792 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49793 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49794 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49795 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49797 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |