Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-06 | CVE-2024-49791 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49792 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49793 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49794 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49795 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49797 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2025-02-06 | CVE-2024-49798 | Information Exposure Through an Error Message vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2025-02-06 | CVE-2024-49800 | Cleartext Storage of Sensitive Information vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user. | 6.5 |
| 2025-01-21 | CVE-2024-45091 | Information Exposure Through Log Files vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. | 5.5 |
| 2025-01-08 | CVE-2024-40679 | Information Exposure Through Log Files vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file under specific conditions. | 5.5 |