
CVE-2024-45647 – IBM Security Verify Access unverified password change
https://notcve.org/view.php?id=CVE-2024-45647
20 Jan 2025 — IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow an unverified user to change the password of an expired user without prior knowledge of that password. • https://www.ibm.com/support/pages/node/7176212 • CWE-620: Unverified Password Change •

CVE-2024-41742 – IBM TXSeries for Multiplatforms denial of service
https://notcve.org/view.php?id=CVE-2024-41742
19 Jan 2025 — IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. • https://www.ibm.com/support/pages/node/7172103 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2024-41743 – IBM TXSeries for Multiplatforms denial of service
https://notcve.org/view.php?id=CVE-2024-41743
19 Jan 2025 — IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources. • https://www.ibm.com/support/pages/node/7172103 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2024-41783 – IBM Sterling Secure Proxy improper input validation
https://notcve.org/view.php?id=CVE-2024-41783
19 Jan 2025 — IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input. • https://www.ibm.com/support/pages/node/7176189 •

CVE-2024-38337 – IBM Sterling Secure Proxy improper input validation
https://notcve.org/view.php?id=CVE-2024-38337
19 Jan 2025 — IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments. • https://www.ibm.com/support/pages/node/7179166 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVE-2024-45652 – IBM Maximo Asset Management directory traversal
https://notcve.org/view.php?id=CVE-2024-45652
19 Jan 2025 — IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. • https://www.ibm.com/support/pages/node/7174820 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-45653 – IBM Sterling Connect:Direct Web Services information disclosure
https://notcve.org/view.php?id=CVE-2024-45653
19 Jan 2025 — IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7174104 • CWE-201: Insertion of Sensitive Information Into Sent Data •

CVE-2024-45654 – IBM Security ReaQta improper input validation
https://notcve.org/view.php?id=CVE-2024-45654
19 Jan 2025 — IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs. • https://www.ibm.com/support/pages/node/7175072 • CWE-807: Reliance on Untrusted Inputs in a Security Decision •

CVE-2024-45662 – IBM Safer Payments denial of service
https://notcve.org/view.php?id=CVE-2024-45662
18 Jan 2025 — IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources. • https://www.ibm.com/support/pages/node/7173765 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2024-47106 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2024-47106
18 Jan 2025 — IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7178507 • CWE-552: Files or Directories Accessible to External Parties •