CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25024 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281430 https://www.ibm.com/support/pages/node/7165488 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35152 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35152
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 https://www.ibm.com/support/pages/node/7165342 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50314 – IBM WebSphere Application Server Libery information disclosure
https://notcve.org/view.php?id=CVE-2023-50314
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713. • https://exchange.xforce.ibmcloud.com/vulnerabilities/274713 https://www.ibm.com/support/pages/node/7165502 • CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27267 – IBM SDK, Java Technology Edition denial of service
https://notcve.org/view.php?id=CVE-2024-27267
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. IBM X-Force ID: 284573. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284573 https://www.ibm.com/support/pages/node/7165421 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28799 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28799
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local user during back-end commands which may result in the unexpected disclosure of this information under certain conditions. IBM X-Force ID: 287173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 https://www.ibm.com/support/pages/node/7165488 • CWE-214: Invocation of Process Using Visible Sensitive Information •