Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2024-05-30 CVE-2022-43384 Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2
IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2024-05-30 CVE-2022-43575 Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2
IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2024-05-30 CVE-2022-43841 Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2
IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
3.3
2024-05-28 CVE-2023-37411 Unspecified vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2024-05-24 CVE-2023-47710 Unspecified vulnerability in IBM Security Guardium 11.4/11.5/12.0
IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2024-05-22 CVE-2024-31894 Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token.
network
low complexity
ibm CWE-672
4.3
4.3
2024-05-22 CVE-2024-31895 Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token.
network
low complexity
ibm CWE-672
6.5
6.5
2024-05-22 CVE-2024-31893 Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token.
network
low complexity
ibm CWE-672
4.3
4.3
2024-05-22 CVE-2024-31904 Unspecified vulnerability in IBM APP Connect Enterprise
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception.
network
low complexity
ibm
6.5
6.5
2024-05-14 CVE-2024-28760 Allocation of Resources Without Limits or Throttling vulnerability in IBM APP Connect Enterprise
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation.
network
low complexity
ibm CWE-770
4.3
4.3