Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-31913 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-12-25 | CVE-2024-39725 | Information Exposure Through an Error Message vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2024-12-25 | CVE-2024-39727 | Unspecified vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. | 9.8 |
| 2024-12-19 | CVE-2024-49336 | Unspecified vulnerability in IBM Security Guardium 11.5 IBM Security Guardium 11.5 and 12.0 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2024-12-19 | CVE-2023-30443 | Allocation of Resources Without Limits or Throttling vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. | 6.5 |
| 2024-12-19 | CVE-2024-35141 | Unspecified vulnerability in IBM Security Verify Access Docker IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. | 7.8 |
| 2024-12-18 | CVE-2024-25042 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2024-12-18 | CVE-2024-41752 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. | 6.1 |
| 2024-12-18 | CVE-2024-45082 | Open Redirect vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.2 |
| 2024-12-17 | CVE-2024-49816 | Information Exposure Through Log Files vulnerability in IBM Security Guardium KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user. | 4.4 |