Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2024-40680
IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-07
CVE-2024-45097
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-09-05
CVE-2024-45098
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-45096
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-09-05
CVE-2024-45074
IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-09-04
CVE-2024-45075
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-09-04
CVE-2024-45076
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.
CVSS Score
9.9
EPSS Score
0.002
Published
2024-09-04
CVE-2024-39747
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-08-31
CVE-2024-35133
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CVSS Score
6.8
EPSS Score
0.006
Published
2024-08-29
CVE-2024-35118
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device.
CVSS Score
4.6
EPSS Score
0.0
Published
2024-08-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved