CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33118 – IBM QRadar SIEM cross-site scripting
https://notcve.org/view.php?id=CVE-2025-33118
01 Aug 2025 — IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM QRadar SIEM 7.5 a 7.5.0 Update Pack 12 es vulnerable a Cross-Site Scripting almacenadas. Esta vulnerabilidad permite a los usuarios autenticados incrustar código JavaScript arbitrario en la interfaz web, a... • https://www.ibm.com/support/pages/node/7241303 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36040 – IBM Aspera Faspex session fixation
https://notcve.org/view.php?id=CVE-2025-36040
30 Jul 2025 — IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms. IBM Aspera Faspex 5.0.0 a 5.0.12.1 podría permitir que un usuario autenticado realice acciones no autorizadas debido a la aplicación del lado del cliente de los mecanismos de seguridad del lado del servidor. • https://www.ibm.com/support/pages/node/7241007 • CWE-613: Insufficient Session Expiration •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36039 – IBM Aspera Faspex bypass security
https://notcve.org/view.php?id=CVE-2025-36039
30 Jul 2025 — IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms, IBM Aspera Faspex 5.0.0 a 5.0.12.1 podría permitir que un usuario autenticado realice acciones no autorizadas debido a la aplicación del lado del cliente de los mecanismos de seguridad del lado del servidor. • https://www.ibm.com/support/pages/node/7241007 • CWE-602: Client-Side Enforcement of Server-Side Security •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49828 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-49828
29 Jul 2025 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5.0.0 a 10.5.0.11, 11.1.0 a 11.1.4.7, 11.5.0 a 11.5.9 y 12.1.0 a 12.1.2 es vulnerable a una denegación de servicio, ya que el servidor puede bloquearse en dete... • https://www.ibm.com/support/pages/node/7240945 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-51473 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-51473
29 Jul 2025 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5.0.0 a 10.5.0.11, 11.1.0 a 11.1.4.7, 11.5.0 a 11.5.9 y 12.1.0 a 12.1.2 es vulnerable a una denegación de servicio, ya que el servidor puede bloquearse en dete... • https://www.ibm.com/support/pages/node/7240944 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2024-52894 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2024-52894
29 Jul 2025 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5.0.0 a 10.5.0.11, 11.1.0 a 11.1.4.7, 11.5.0 a 11.5.9 y 12.1.0 a 12.1.2 es vulnerable a una denegación de servicio, ya que el servidor puede bloquearse en dete... • https://www.ibm.com/support/pages/node/7240953 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-33114 – IBM Db2 for Linux denial of service
https://notcve.org/view.php?id=CVE-2025-33114
29 Jul 2025 — IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a specially crafted query under certain non-default conditions. IBM Db2 para Linux 12.1.0, 12.1.1 y 12.1.2 es vulnerable a la denegación de servicio con una consulta especialmente manipulada en determinadas condiciones no predeterminadas. • https://www.ibm.com/support/pages/node/7240943 • CWE-943: Improper Neutralization of Special Elements in Data Query Logic •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-33092 – IBM Db2 for Linux code execution
https://notcve.org/view.php?id=CVE-2025-33092
29 Jul 2025 — IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. IBM Db2 para Linux 12.1.0, 12.1.1 y 12.1.2 es vulnerable a un desbordamiento de búfer basado en la pila en db2fm, causado por una comprobación incorrecta de los límites. Un usuario local podría desbordar el búfer y ejecutar código arbitrario en el sistema. • https://www.ibm.com/support/pages/node/7240940 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-36071 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2025-36071
29 Jul 2025 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources. IBM Db2 para Linux, UNIX y Windows (incluye DB2 Connect Server) 11.5.0 a 11.5.9 y 12.1.0 a 12.1.2 es vulnerable a una denegación de servicio ya que el servidor puede bloquearse en determinadas condiciones con una consulta especialmente ... • https://www.ibm.com/support/pages/node/7240955 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-36010 – IBM Db2 for Linux denial of service
https://notcve.org/view.php?id=CVE-2025-36010
29 Jul 2025 — IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 could allow an unauthenticated user to cause a denial of service due to executable segments that are waiting for each other to release a necessary lock. IBM Db2 para Linux 12.1.0, 12.1.1 y 12.1.2 podrían permitir que un usuario no autenticado provoque una denegación de servicio debido a segmentos ejecutables que están esperando que otros liberen un bloqueo necesario. • https://www.ibm.com/support/pages/node/7240951 • CWE-833: Deadlock •