CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35119 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-35119
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en un seguimiento de la pila. • https://exchange.xforce.ibmcloud.com/vulnerabilities/290342 https://www.ibm.com/support/pages/node/7159052 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28798 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28798
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting almacenado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287172 https://www.ibm.com/support/pages/node/7158439 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28795 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28795
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. • https://exchange.xforce.ibmcloud.com/vulnerabilities/286832 https://www.ibm.com/support/pages/node/7158408 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38383 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2022-38383
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente páginas web que pueden ser leídas por otro usuario en el sistema. ID de IBM X-Force: 233673. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233673 https://www.ibm.com/support/pages/node/7158986 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2022-27540
https://notcve.org/view.php?id=CVE-2022-27540
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_10810714-10810745-16/hpsbhf03948 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •