CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33077 – IBM Engineering Systems Design Rhapsody code execution
https://notcve.org/view.php?id=CVE-2025-33077
23 Jul 2025 — IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. • https://www.ibm.com/support/pages/node/7240375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33076 – IBM Engineering Systems Design Rhapsody code execution
https://notcve.org/view.php?id=CVE-2025-33076
23 Jul 2025 — IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. • https://www.ibm.com/support/pages/node/7240368 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33020 – IBM Engineering Systems Design Rhapsody information disclosure
https://notcve.org/view.php?id=CVE-2025-33020
23 Jul 2025 — IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information. • https://www.ibm.com/support/pages/node/7240374 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-29844
https://notcve.org/view.php?id=CVE-2021-29844
27 Oct 2021 — IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Los productos IBM Jazz Team Server son vulnerables a un ataque de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, conllevando potencialmente a una enumeración de la red o facili... • https://exchange.xforce.ibmcloud.com/vulnerabilities/205205 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2021-20357
https://notcve.org/view.php?id=CVE-2021-20357
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194963 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4865
https://notcve.org/view.php?id=CVE-2020-4865
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/190741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4855
https://notcve.org/view.php?id=CVE-2020-4855
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/190457 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4547
https://notcve.org/view.php?id=CVE-2020-4547
27 Jan 2021 — IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315. Los productos de IBM Jazz Foundation, podrían permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para visitar un sitio web malicios... • https://exchange.xforce.ibmcloud.com/vulnerabilities/183315 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4524
https://notcve.org/view.php?id=CVE-2020-4524
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182434 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 33EXPL: 0CVE-2020-4733
https://notcve.org/view.php?id=CVE-2020-4733
08 Jan 2021 — IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127. Los productos IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fun... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188127 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •