Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-14 | CVE-2024-39734 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2024-07-12 | CVE-2024-40690 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2024-07-10 | CVE-2023-33859 | Unspecified vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. | 5.3 |
2024-07-10 | CVE-2023-33860 | Unspecified vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. | 5.3 |
2024-07-10 | CVE-2023-35006 | Cross-site Scripting vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. | 5.4 |
2024-07-08 | CVE-2024-31897 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 vulnerable to server-side request forgery (SSRF). | 4.3 |
2024-07-08 | CVE-2024-37528 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. | 5.4 |
2024-07-08 | CVE-2024-39723 | Improper Authentication vulnerability in IBM Storage Virtualize 8.6 IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. | 4.6 |
2024-06-30 | CVE-2023-50964 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2024-06-30 | CVE-2024-28794 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |