CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41774 – IBM Common Licensing cross-site scripting
https://notcve.org/view.php?id=CVE-2024-41774
IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348. • https://exchange.xforce.ibmcloud.com/vulnerabilities/350348 https://www.ibm.com/support/pages/node/7165251 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40697 – IBM Common Licensing information disclosure
https://notcve.org/view.php?id=CVE-2024-40697
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297895 https://www.ibm.com/support/pages/node/7165250 • CWE-521: Weak Password Requirements •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50306 – IBM Common Licensing information disclosure
https://notcve.org/view.php?id=CVE-2023-50306
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337. IBM Common Licensing 9.0 podría permitir a un usuario local enumerar nombres de usuario debido a una discrepancia de respuesta observable. ID de IBM X-Force: 273337. • https://exchange.xforce.ibmcloud.com/vulnerabilities/273337 https://www.ibm.com/support/pages/node/7120660 • CWE-204: Observable Response Discrepancy •
CVSS: 6.9EPSS: 0%CPEs: 66EXPL: 0CVE-2011-1205
https://notcve.org/view.php?id=CVE-2011-1205
Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zone. Múltiples desbordamientos de búfer en objetos COM no especificados de Rational Common Licensing v7.0 hasta v7.1.1.4 en IBM Rational ClearCase v7.0.0.4 hasta v7.1.1.4, ClearQuest v7.0.0.4 hasta v7.1.1.4 y otros productos, permite a usuarios locales ganar privilegios a través de un documento HTML caballo de troya en la zona de Mi PC • http://www.ibm.com/support/docview.wss?uid=swg21470998 http://www.securitytracker.com/id?1025268 http://www.securitytracker.com/id?1025269 http://www.vupen.com/english/advisories/2011/0832 https://exchange.xforce.ibmcloud.com/vulnerabilities/66304 https://exchange.xforce.ibmcloud.com/vulnerabilities/66324 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •