Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-24 | CVE-2023-47710 | Unspecified vulnerability in IBM Security Guardium 11.4/11.5/12.0 IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-22 | CVE-2024-31894 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31895 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 6.5 |
| 2024-05-22 | CVE-2024-31893 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31904 | Unspecified vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. | 6.5 |
| 2024-05-14 | CVE-2024-28760 | Allocation of Resources Without Limits or Throttling vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. | 4.3 |
| 2024-05-14 | CVE-2024-28761 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. | 5.4 |
| 2024-05-14 | CVE-2024-28781 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4, and 8.0 through 8.0.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-14 | CVE-2024-22344 | Cross-site Scripting vulnerability in IBM Txseries for Multiplatform 8.2 IBM TXSeries for Multiplatforms 8.2 is vulnerable to HTML injection. | 6.1 |
| 2024-05-14 | CVE-2023-47711 | Unspecified vulnerability in IBM Security Guardium IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. | 6.5 |