Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.
IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involving exposure of directory information. IBM has addressed this vulnerability in the latest update.
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Fo
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Fo
IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation.
IBM Aspera 5.0.0 through 5.0.13.1 could disclose sensitive user information from the system to an authenticated user due to an observable discrepancy of returned data.
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system
IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user.
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.
IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client.
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated user in the environment to obtain highly sensitive informa
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.2). The login implementation of the affected application contains an observable response disc
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.
A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated
CVE-2025-33117
CRITICAL CVSS 9.1
Find Similar
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary command