CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1331 – IBM CICS TX code execution
https://notcve.org/view.php?id=CVE-2025-1331
08 May 2025 — IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function. IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function. • https://www.ibm.com/support/pages/node/7232923 • CWE-242: Use of Inherently Dangerous Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1330 – IBM CICS TX code execution
https://notcve.org/view.php?id=CVE-2025-1330
08 May 2025 — IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function. • https://www.ibm.com/support/pages/node/7232923 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1329 – IBM CICS TX code execution
https://notcve.org/view.php?id=CVE-2025-1329
08 May 2025 — IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function. • https://www.ibm.com/support/pages/node/7232923 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41746 – IBM CICS TX cross-site scripting
https://notcve.org/view.php?id=CVE-2024-41746
16 Jan 2025 — IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7171873 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41744 – IBM CICS TX Standard cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-41744
01 Nov 2024 — IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. • https://www.ibm.com/support/pages/node/7174576 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41745 – IBM CICS TX Standard cross-site scripting
https://notcve.org/view.php?id=CVE-2024-41745
01 Nov 2024 — IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7174576 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34310 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34310
12 Feb 2024 — IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441. IBM CICS TX Standard y Advanced 11.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 229441. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229441 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •