Total
10497 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45638 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-16 | N/A | 4.1 MEDIUM |
| IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user. | |||||
| CVE-2024-45643 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-16 | N/A | 5.9 MEDIUM |
| IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information. | |||||
| CVE-2025-6554 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-07-16 | N/A | 8.1 HIGH |
| Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-51476 | 2 Ibm, Linux | 2 Concert Software, Linux Kernel | 2025-07-16 | N/A | 7.5 HIGH |
| IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | |||||
| CVE-2024-41743 | 2 Ibm, Linux | 2 Txseries For Multiplatforms, Linux Kernel | 2025-07-16 | N/A | 7.5 HIGH |
| IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources. | |||||
| CVE-2024-41742 | 2 Ibm, Linux | 2 Txseries For Multiplatforms, Linux Kernel | 2025-07-16 | N/A | 7.5 HIGH |
| IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. | |||||
| CVE-2024-45654 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-16 | N/A | 4.3 MEDIUM |
| IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs. | |||||
| CVE-2024-45100 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-16 | N/A | 4.9 MEDIUM |
| IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources. | |||||
| CVE-2024-45640 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-15 | N/A | 5.3 MEDIUM |
| IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system. | |||||
| CVE-2024-56475 | 2 Ibm, Linux | 3 Aix, Txseries For Multiplatforms, Linux Kernel | 2025-07-15 | N/A | 5.4 MEDIUM |
| IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-0154 | 2 Ibm, Linux | 3 Aix, Txseries For Multiplatforms, Linux Kernel | 2025-07-15 | N/A | 5.3 MEDIUM |
| IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers. | |||||
| CVE-2024-56476 | 2 Ibm, Linux | 3 Aix, Txseries For Multiplatforms, Linux Kernel | 2025-07-15 | N/A | 5.3 MEDIUM |
| IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy. | |||||
| CVE-2023-33861 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-15 | N/A | 6.5 MEDIUM |
| IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client. | |||||
| CVE-2024-45641 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-15 | N/A | 6.5 MEDIUM |
| IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation. | |||||
| CVE-2024-45644 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2025-07-15 | N/A | 4.7 MEDIUM |
| IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. | |||||
| CVE-2024-25051 | 3 Ibm, Linux, Microsoft | 3 Jazz Reporting Service, Linux Kernel, Windows | 2025-07-14 | N/A | 6.6 MEDIUM |
| IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system. | |||||
| CVE-2025-27367 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-07-14 | N/A | 5.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields. | |||||
| CVE-2024-49784 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-07-14 | N/A | 5.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data. | |||||
| CVE-2024-49783 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-07-14 | N/A | 5.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability to use additional cryptographic methods to possibly extract the encrypted data. | |||||
| CVE-2023-43039 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-07-14 | N/A | 6.1 MEDIUM |
| IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session | |||||