Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-22 | CVE-2024-43173 | Unspecified vulnerability in IBM Concert 1.0.0/1.0.1 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute. | 3.7 |
| 2024-07-17 | CVE-2023-42010 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. | 3.7 |
| 2024-06-30 | CVE-2023-35022 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. | 3.3 |
| 2024-06-28 | CVE-2022-38383 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2024-06-15 | CVE-2024-31870 | Information Exposure Through Discrepancy vulnerability in IBM I IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. | 3.3 |
| 2024-06-13 | CVE-2024-22333 | Exposure of Resource to Wrong Sphere vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2024-03-31 | CVE-2023-50311 | Insufficiently Protected Credentials vulnerability in IBM Cics Transaction Gateway 9.2/9.3 IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages. | 3.1 |
| 2024-03-22 | CVE-2022-32756 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2024-03-15 | CVE-2023-46181 | Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2023-08-31 | CVE-2023-33833 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5 IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. | 3.3 |