CVE-2024-40704 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-40704
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. • https://www.ibm.com/support/pages/node/7160853 https://exchange.xforce.ibmcloud.com/vulnerabilities/298277 • CWE-522: Insufficiently Protected Credentials
CVE-2024-25024 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 store user credentials in plain text, which can be read by a local user. IBM X-Force ID: 281430. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281430 https://www.ibm.com/support/pages/node/7165488
CVE-2024-35152 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-35152
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292639 https://www.ibm.com/support/pages/node/7165342 • CWE-789: Memory Allocation with Excessive Size Value
CVE-2023-50314 – IBM WebSphere Application Server Liberty information disclosure
https://notcve.org/view.php?id=CVE-2023-50314
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713. • https://exchange.xforce.ibmcloud.com/vulnerabilities/274713 https://www.ibm.com/support/pages/node/7165502 • CWE-295: Improper Certificate Validation
CVE-2024-27267 – IBM SDK, Java Technology Edition denial of service
https://notcve.org/view.php?id=CVE-2024-27267
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. IBM X-Force ID: 284573. A flaw was found in IBM SDK, Java Technology Edition. A race condition in the management of ORB listener threads can cause a remote denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284573 https://www.ibm.com/support/pages/node/7165421 https://access.redhat.com/security/cve/CVE-2024-27267 https://bugzilla.redhat.com/show_bug.cgi?id=2304975 • CWE-300: Channel Accessible by Non-Endpoint