Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-30 | CVE-2022-43575 | Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2 IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-28 | CVE-2023-37411 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-28 | CVE-2024-28793 | Unspecified vulnerability in IBM Engineering Workflow Management 7.0.2/7.0.3 IBM Engineering Workflow Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-05-24 | CVE-2023-47710 | Unspecified vulnerability in IBM Security Guardium 11.4/11.5/12.0 IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-22 | CVE-2024-31894 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31895 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 6.5 |
| 2024-05-22 | CVE-2024-31893 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31904 | Unspecified vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. | 6.5 |
| 2024-05-14 | CVE-2024-28760 | Allocation of Resources Without Limits or Throttling vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. | 4.3 |
| 2024-05-14 | CVE-2024-28761 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. | 5.4 |