Latest Ibm Vulnerabilities

IBM-7160579
Ibm Infosphere Information Server<=11.7
CVE-2024-40689
IBM InfoSphere Information Server SQL injection
Ibm Infosphere Information Server<=11.7
IBM-7161448
IBM Security Verify Directory Integrator<=10.0.0
IBM Security Directory Integrator<=7.2.0
IBM-7161446
IBM Security Directory Integrator<=7.2.0
IBM Security Verify Directory Integrator<=10.0.0
CVE-2022-32759
IBM Security Directory Server information disclosure
IBM Security Directory Integrator<=7.2.0
IBM Security Verify Directory Integrator<=10.0.0
CVE-2024-28772
IBM Security Directory Integrator cross-site scripting
IBM Security Verify Directory Integrator<=10.0.0
IBM Security Directory Integrator<=7.2.0
CVE-2024-37533
IBM InfoSphere Information Server information disclosure
Ibm Infosphere Information Server<=11.7
IBM-7159173
Ibm Infosphere Information Server<=11.7
CVE-2023-50304
IBM Engineering Requirements Management DOORS XML external entity injection
IBM Engineering Requirements Management DOORS<=9.7.2.8
IBM Engineering Requirements Management DOORS Web Access<=9.7.2.8
IBM-7160471
IBM Engineering Requirements Management DOORS<=9.7.2.8
IBM Engineering Requirements Management DOORS Web Access<=9.7.2.8
IBM-7160390
IBM Rational ClearQuest<=9.1 - 9.1.0.6
CVE-2023-42010
IBM Sterling B2B Integrator Standard Edition information disclosure
IBM Sterling B2B Integrator<=6.2.0.0 - 6.2.0.2
IBM Sterling B2B Integrator<=6.0.0.0 - 6.1.2.5
IBM-7160433
IBM Sterling B2B Integrator<=6.2.0.0 - 6.2.0.2
IBM Sterling B2B Integrator<=6.0.0.0 - 6.1.2.5
CVE-2024-28796
IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi...
IBM Rational ClearQuest<=9.1 - 9.1.0.6
CVE-2024-39731
IBM Datacap Navigator information disclosure
IBM Datacap=9.1.5
IBM Datacap=9.1.6
IBM Datacap=9.1.7
IBM Datacap=9.1.8
IBM Datacap=9.1.9
IBM-7160300
IBM PEM<=6.2.2
CVE-2022-35640
IBM Sterling Partner Engagement Manager information disclosure
IBM PEM<=6.2.2
CVE-2024-39732
IBM Datacap Navigator information disclosure
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
CVE-2024-39733
IBM Datacap Navigator information disclosure
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
CVE-2024-39728
IBM Datacap Navigator cross-site scripting
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-39737
IBM Datacap Navigator information disclosure
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-124651
IBM Datacap Navigator does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting th...
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
CVE-2024-39729
IBM Datacap Navigator information disclosure
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-39741
IBM Datacap Navigator directory traversal
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
IBM-7160185
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
CVE-2024-39735
IBM Datacap Navigator cross-site scripting
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-39736
IBM Datacap Navigator HTTP HOST header injection
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-39739
IBM Datacap Navigator server-side request forgery
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
CVE-2024-39740
IBM Datacap Navigator information disclosure
IBM Datacap Navigator<=All
IBM Datacap<=9.1.5
IBM Datacap<=9.1.6
IBM Datacap<=9.1.7
IBM Datacap<=9.1.8
IBM Datacap<=9.1.9
and 6 more
IBM-7160103
Ibm Infosphere Information Server<=11.7
CVE-2024-40690
IBM InfoSphere Server cross-site scripting
Ibm Infosphere Information Server<=11.7
IBM-7159825
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
CVE-2023-35008
IBM Security ReaQta does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this...
IBM Security QRadar EDR<=3.12
CVE-2023-33859
IBM Security ReaQta information disclosure
IBM Security QRadar EDR<=3.12
CVE-2024-25023
IBM QRadar Suite Software information disclosure
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.22.0
IBM-7159768
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.22.0
IBM-7159770
IBM Security QRadar EDR<=3.12
CVE-2024-35154
IBM WebSphere Application Server code execution
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
CVE-2023-33860
IBM Security ReaQta information disclosure
IBM Security QRadar EDR<=3.12
CVE-2023-35006
IBM Security ReaQta HTML injection
IBM Security QRadar EDR<=3.12
CVE-2024-39742
IBM MQ Container authentication bypass
IBM MQ Operator<=SC2 (formerly LTS): v3.2.0, v3.2.1CD:  v3.0.0, v3.0.1, v3.1.0 - 3.1.3 LTS: v2.0.0 - 2.0.23 Other Release: v2.4.0 - v2.4.8, v2.3.0 - 2.3.3, v2.2.0 - v2.2.2
IBM supplied MQ Advanced container images<=CD: 9.4.0.0-r1, 9.3.4.0-r1, 9.3.4.1-r1,9.3.5.0-r1,9.3.5.0-r2,9.3.5.1-r1, 9.3.5.1-r2LTS: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4, 9.3.0.3-r1, 9.3.0.4-r1, 9.3.0.4-r2, 9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3, 9.3.0.6-r1, 9.3.0.10-r1, 9.3.0.10-r2, 9.3.0.11-r1,9.3.0.11-r2, 9.3.0.15-r1, 9.3.0.16-r1, 9.3.0.16-r2, 9.3.0.17-r1, 9.3.0.17-r2, 9.3.0.17-r3 Other Release: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4,  9.3.0.3-r1,  9.3.0.4-r1, 9.3.0.4-r2,  9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3,  9.3.0.6-r1,  9.3.1.0-r1, 9.3.1.0-r2, 9.3.1.0-r3, 9.3.1.1-r1, 9.3.2.0-r1, 9.3.2.0-r2, 9.3.2.1-r1, 9.3.2.1-r2,  9.3.3.0-r1, 9.3.3.0-r2, 9.3.3.1-r1, 9.3.3.1-r2, 9.3.3.2-r1, 9.3.3.2-r2, 9.3.3.2-r3, ,9.3.3.3-r1,  9.3.3.3-r2
CVE-2024-39743
IBM MQ Container denial of service
IBM MQ Operator<=SC2 (formerly LTS): v3.2.0, v3.2.1CD:  v3.0.0, v3.0.1, v3.1.0 - 3.1.3 LTS: v2.0.0 - 2.0.23 Other Release: v2.4.0 - v2.4.8, v2.3.0 - 2.3.3, v2.2.0 - v2.2.2
IBM supplied MQ Advanced container images<=CD: 9.4.0.0-r1, 9.3.4.0-r1, 9.3.4.1-r1,9.3.5.0-r1,9.3.5.0-r2,9.3.5.1-r1, 9.3.5.1-r2LTS: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4, 9.3.0.3-r1, 9.3.0.4-r1, 9.3.0.4-r2, 9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3, 9.3.0.6-r1, 9.3.0.10-r1, 9.3.0.10-r2, 9.3.0.11-r1,9.3.0.11-r2, 9.3.0.15-r1, 9.3.0.16-r1, 9.3.0.16-r2, 9.3.0.17-r1, 9.3.0.17-r2, 9.3.0.17-r3 Other Release: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4,  9.3.0.3-r1,  9.3.0.4-r1, 9.3.0.4-r2,  9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3,  9.3.0.6-r1,  9.3.1.0-r1, 9.3.1.0-r2, 9.3.1.0-r3, 9.3.1.1-r1, 9.3.2.0-r1, 9.3.2.0-r2, 9.3.2.1-r1, 9.3.2.1-r2,  9.3.3.0-r1, 9.3.3.0-r2, 9.3.3.1-r1, 9.3.3.1-r2, 9.3.3.2-r1, 9.3.3.2-r2, 9.3.3.2-r3, ,9.3.3.3-r1,  9.3.3.3-r2
IBM-7159714
IBM MQ Operator<=SC2 (formerly LTS): v3.2.0, v3.2.1CD:  v3.0.0, v3.0.1, v3.1.0 - 3.1.3 LTS: v2.0.0 - 2.0.23 Other Release: v2.4.0 - v2.4.8, v2.3.0 - 2.3.3, v2.2.0 - v2.2.2
IBM supplied MQ Advanced container images<=CD: 9.4.0.0-r1, 9.3.4.0-r1, 9.3.4.1-r1,9.3.5.0-r1,9.3.5.0-r2,9.3.5.1-r1, 9.3.5.1-r2LTS: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4, 9.3.0.3-r1, 9.3.0.4-r1, 9.3.0.4-r2, 9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3, 9.3.0.6-r1, 9.3.0.10-r1, 9.3.0.10-r2, 9.3.0.11-r1,9.3.0.11-r2, 9.3.0.15-r1, 9.3.0.16-r1, 9.3.0.16-r2, 9.3.0.17-r1, 9.3.0.17-r2, 9.3.0.17-r3 Other Release: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4,  9.3.0.3-r1,  9.3.0.4-r1, 9.3.0.4-r2,  9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3,  9.3.0.6-r1,  9.3.1.0-r1, 9.3.1.0-r2, 9.3.1.0-r3, 9.3.1.1-r1, 9.3.2.0-r1, 9.3.2.0-r2, 9.3.2.1-r1, 9.3.2.1-r2,  9.3.3.0-r1, 9.3.3.0-r2, 9.3.3.1-r1, 9.3.3.1-r2, 9.3.3.2-r1, 9.3.3.2-r2, 9.3.3.2-r3, ,9.3.3.3-r1,  9.3.3.3-r2
CVE-2024-37528
IBM Cloud Pak for Business Automation cross-site scripting
IBM Cloud Pak for Business Automation>=18.0.0<=18.0.2
IBM Cloud Pak for Business Automation>=19.0.1<=19.0.3
IBM Cloud Pak for Business Automation>=20.0.1<=20.0.3
IBM Cloud Pak for Business Automation=21.0.1
IBM Cloud Pak for Business Automation=21.0.1-interim_fix_001
IBM Cloud Pak for Business Automation=21.0.1-interim_fix_002
and 64 more
CVE-2024-31897
IBM Cloud Pak for Business Automation server-side request forgery
IBM Cloud Pak for Business Automation>=18.0.0<=18.0.2
IBM Cloud Pak for Business Automation>=19.0.1<=19.0.3
IBM Cloud Pak for Business Automation>=20.0.1<=20.0.3
IBM Cloud Pak for Business Automation=21.0.1
IBM Cloud Pak for Business Automation=21.0.1-interim_fix_001
IBM Cloud Pak for Business Automation=21.0.1-interim_fix_002
and 64 more
CVE-2024-38330
IBM i privilege escalation
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM-7159615
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM-7159333
IBM Storage Virtualize<=8.6
CVE-2024-39723
IBM FlashSystem denial of service
IBM Storage Virtualize<=8.6
IBM Storage Virtualize=8.6
CVE-2024-35116
IBM MQ denial of service
IBM MQ Operator<=SC2 (formerly LTS): v3.2.0, v3.2.1CD:  v3.0.0, v3.0.1, v3.1.0 - 3.1.3 LTS: v2.0.0 - 2.0.23 Other Release: v2.4.0 - v2.4.8, v2.3.0 - 2.3.3, v2.2.0 - v2.2.2
IBM supplied MQ Advanced container images<=CD: 9.4.0.0-r1, 9.3.4.0-r1, 9.3.4.1-r1,9.3.5.0-r1,9.3.5.0-r2,9.3.5.1-r1, 9.3.5.1-r2LTS: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4, 9.3.0.3-r1, 9.3.0.4-r1, 9.3.0.4-r2, 9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3, 9.3.0.6-r1, 9.3.0.10-r1, 9.3.0.10-r2, 9.3.0.11-r1,9.3.0.11-r2, 9.3.0.15-r1, 9.3.0.16-r1, 9.3.0.16-r2, 9.3.0.17-r1, 9.3.0.17-r2, 9.3.0.17-r3 Other Release: 9.2.0.1-r1-eus, 9.2.0.2-r1-eus, 9.2.0.2-r2-eus, 9.2.0.4-r1-eus, 9.2.0.5-r1-eus, 9.2.0.5-r2-eus, 9.2.0.5-r3-eus, 9.2.0.6-r1-eus, 9.2.0.6-r2-eus, 9.2.0.6-r3-eus, 9.2.3.0-r1, 9.2.4.0-r1, 9.2.5.0-r1, 9.2.5.0-r2, 9.2.5.0-r3, 9.3.0.0-r1, 9.3.0.0-r2, 9.3.0.0-r3, 9.3.0.1-r1, 9.3.0.1-r2, 9.3.0.1-r3, 9.3.0.1-r4,  9.3.0.3-r1,  9.3.0.4-r1, 9.3.0.4-r2,  9.3.0.5-r1, 9.3.0.5-r2, 9.3.0.5-r3,  9.3.0.6-r1,  9.3.1.0-r1, 9.3.1.0-r2, 9.3.1.0-r3, 9.3.1.1-r1, 9.3.2.0-r1, 9.3.2.0-r2, 9.3.2.1-r1, 9.3.2.1-r2,  9.3.3.0-r1, 9.3.3.0-r2, 9.3.3.1-r1, 9.3.3.1-r2, 9.3.3.2-r1, 9.3.3.2-r2, 9.3.3.2-r3, ,9.3.3.3-r1,  9.3.3.3-r2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203