Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-02-05 CVE-2024-38316 Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service.
network
low complexity
ibm
6.5
6.5
2025-02-05 CVE-2024-38318 Cross-site Scripting vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
6.1
6.1
2025-02-05 CVE-2024-56472 Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
5.4
2025-01-31 CVE-2024-40696 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-01-31 CVE-2024-45089 Information Exposure Through Discrepancy vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy.
network
low complexity
ibm CWE-203
4.3
4.3
2025-01-31 CVE-2024-47103 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-01-31 CVE-2024-47116 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-01-31 CVE-2024-49807 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-01-29 CVE-2023-37412 Execution with Unnecessary Privileges vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.
network
low complexity
ibm CWE-250
4.9
4.9
2025-01-29 CVE-2023-37413 Response Discrepancy Information Exposure vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy.
network
low complexity
ibm CWE-204
5.3
5.3