Page 6 of 468 results (0.011 seconds)

CVSS: 3.7EPSS: 0%CPEs: 12EXPL: 0

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257105 https://www.ibm.com/support/pages/node/7001687 https://www.ibm.com/support/pages/node/7001695 https://www.ibm.com/support/pages/node/7001697 • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257104 https://www.ibm.com/support/pages/node/7001647 https://www.ibm.com/support/pages/node/7001681 https://www.ibm.com/support/pages/node/7001683 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0

IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251358 https://https://www.ibm.com/support/pages/node/6985837 •

CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250398 https://www.ibm.com/support/pages/node/6985835 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248416. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248416 https://www.ibm.com/support/pages/node/6964836 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •