Page 5 of 12062 results (0.057 seconds)

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2025 — A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5599 • CWE-653: Improper Isolation or Compartmentalization •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2025 — A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5599 • CWE-653: Improper Isolation or Compartmentalization •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

28 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete ... • https://www.ibm.com/support/pages/node/7176072 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

28 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques. • https://www.ibm.com/support/pages/node/7176072 • CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

27 Jan 2025 — IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. • https://www.ibm.com/support/pages/node/7173420 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

27 Jan 2025 — IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. • https://www.ibm.com/support/pages/node/7173774 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

27 Jan 2025 — An information disclosure issue was addressed with improved privacy controls. • https://support.apple.com/en-us/122068 • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0

27 Jan 2025 — IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt ... • https://www.ibm.com/support/pages/node/7157667 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

27 Jan 2025 — IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses. • https://www.ibm.com/support/pages/node/7176083 • CWE-204: Observable Response Discrepancy •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

27 Jan 2025 — IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive inf... • https://www.ibm.com/support/pages/node/7173462 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •