CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50953 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50953
30 Jun 2024 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275775 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50954 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50954
30 Jun 2024 — IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 devuelve información confidencial en información URL que podría usarse en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275776 • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35119 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-35119
30 Jun 2024 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en un seguimiento de la pila. • https://exchange.xforce.ibmcloud.com/vulnerabilities/290342 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38383 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2022-38383
28 Jun 2024 — IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente páginas web que pueden ser leídas por otro usuario en el sistema. ID de IBM X-Force: 233673. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233673 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2022-27540
https://notcve.org/view.php?id=CVE-2022-27540
28 Jun 2024 — A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_10810714-10810745-16/hpsbhf03948 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38322 – IBM Storage Defender information disclosure
https://notcve.org/view.php?id=CVE-2024-38322
28 Jun 2024 — IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869. IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 La discrepancia en la respuesta de error de nombre de usuario y contraseña del agente expone el producto a una enumeración de fuerza bruta. ID de IBM X-Force: 294869. • https://exchange.xforce.ibmcloud.com/vulnerabilities/294869 • CWE-204: Observable Response Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25031 – IBM Storage Defender information disclosure
https://notcve.org/view.php?id=CVE-2024-25031
28 Jun 2024 — IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678. IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante en la red utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 281678. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281678 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35156 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35156
28 Jun 2024 — IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292766 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35155 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35155
28 Jun 2024 — IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292765 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-35139 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35139
28 Jun 2024 — IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. • https://packetstorm.news/files/id/182466 • CWE-276: Incorrect Default Permissions •