CVE-2024-31905 – IBM QRadar Network Packet Capture information disclosure
https://notcve.org/view.php?id=CVE-2024-31905
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 289858. • https://www.ibm.com/support/pages/node/7160961 https://exchange.xforce.ibmcloud.com/vulnerabilities/289858 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2024-40705 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2024-40705
IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279. • https://www.ibm.com/support/pages/node/7160855 https://exchange.xforce.ibmcloud.com/vulnerabilities/298279 • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVE-2024-40704 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-40704
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. • https://www.ibm.com/support/pages/node/7160853 https://exchange.xforce.ibmcloud.com/vulnerabilities/298277 • CWE-522: Insufficiently Protected Credentials •
CVE-2024-25024 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281430 https://www.ibm.com/support/pages/node/7165488 •
CVE-2024-35152 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35152
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 https://www.ibm.com/support/pages/node/7165342 • CWE-789: Memory Allocation with Excessive Size Value •