CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-35156 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35156
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292766 https://www.ibm.com/support/pages/node/7158058 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-35155 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35155
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292765 https://www.ibm.com/support/pages/node/7158059 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35139 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35139
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292415 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35137 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35137
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292413 https://www.ibm.com/support/pages/node/7158790 • CWE-258: Empty Password in Configuration File •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30135 – Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10
https://notcve.org/view.php?id=CVE-2024-30135
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •