CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54173 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-54173
28 Feb 2025 — IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled. • https://www.ibm.com/support/pages/node/7183370 • CWE-1323: Improper Management of Sensitive Trace Data •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0975 – IBM MQ code execution
https://notcve.org/view.php?id=CVE-2025-0975
28 Feb 2025 — IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters. • https://www.ibm.com/support/pages/node/7183467 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54170 – IBM EntireX denial of service
https://notcve.org/view.php?id=CVE-2024-54170
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles. IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles. • https://www.ibm.com/support/pages/node/7184194 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54169 – IBM EntireX path traversal
https://notcve.org/view.php?id=CVE-2024-54169
27 Feb 2025 — IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0759 – IBM EntireX race condition
https://notcve.org/view.php?id=CVE-2025-0759
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. • https://www.ibm.com/support/pages/node/7184194 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56810 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56810
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56496 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56496
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56495 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56495
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56811 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56811
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56493 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56493
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •