CVE-2023-52296 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2023-52296
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/278547 https://security.netapp.com/advisory/ntap-20240517-0003 https://www.ibm.com/support/pages/node/7145722
• CWE-20: Improper Input Validation
CVE-2024-25030
https://notcve.org/view.php?id=CVE-2024-25030
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/281677 https://security.netapp.com/advisory/ntap-20240517-0006 https://www.ibm.com/support/pages/node/7145725
• CWE-532: Insertion of Sensitive Information into Log File
CVE-2024-28782 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28782
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/285698 https://www.ibm.com/support/pages/node/7145683
• CWE-256: Plaintext Storage of a Password
CVE-2023-50313 – IBM WebSphere Application Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50313
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/274812 https://www.ibm.com/support/pages/node/7145620
• CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CVE-2023-50311 – IBM CICS Transaction Gateway for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2023-50311
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/273612 https://www.ibm.com/support/pages/node/7145418
• CWE-522: Insufficiently Protected Credentials