CVSS: 5.3EPSS: %CPEs: 2EXPL: 0CVE-2024-56476 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-56476
02 Apr 2025 — IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy. • https://www.ibm.com/support/pages/node/7229880 • CWE-204: Observable Response Discrepancy •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2024-56475 – IBM TXSeries for Multiplatforms cross-site scripting
https://notcve.org/view.php?id=CVE-2024-56475
02 Apr 2025 — IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functional... • https://www.ibm.com/support/pages/node/7229880 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: %CPEs: 2EXPL: 0CVE-2024-56474 – IBM TXSeries for Multiplatforms cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-56474
02 Apr 2025 — IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. • https://www.ibm.com/support/pages/node/7229880 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: %CPEs: 2EXPL: 0CVE-2025-0154 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2025-0154
02 Apr 2025 — IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers. • https://www.ibm.com/support/pages/node/7229880 • CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2024-56341 – IBM Content Navigator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-56341
02 Apr 2025 — IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7229839 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: %CPEs: 1EXPL: 0CVE-2024-25051 – IBM Jazz Reporting Service insufficient session expiration
https://notcve.org/view.php?id=CVE-2024-25051
02 Apr 2025 — IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system. • https://www.ibm.com/support/pages/node/7229760 • CWE-613: Insufficient Session Expiration •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55895 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-55895
29 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7185450 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51477 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51477
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7185058 • CWE-203: Observable Discrepancy •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7577 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-7577
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product. • https://www.ibm.com/support/pages/node/7185020 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43186 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-43186
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions. • https://www.ibm.com/support/pages/node/7184980 • CWE-256: Plaintext Storage of a Password •