Export limit exceeded: 335106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (193 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45671 | 2 Ibm, Linux | 2 Security Verify Information Queue, Linux Kernel | 2025-09-17 | 5.9 Medium |
| IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2025-36003 | 1 Ibm | 1 Security Verify Governance | 2025-09-16 | 7.5 High |
| IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system. | ||||
| CVE-2024-45673 | 3 Ibm, Linux, Microsoft | 6 Security Verify Bridge, Security Verify Bridge Directory Sync, Security Verify Gateway For Radius and 3 more | 2025-08-27 | 5.5 Medium |
| IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores user credentials in configuration files which can be read by a local user. | ||||
| CVE-2024-35138 | 1 Ibm | 1 Security Verify Access | 2025-08-27 | 6.5 Medium |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
| CVE-2024-22330 | 1 Ibm | 1 Security Verify Governance | 2025-08-24 | 5.9 Medium |
| IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | ||||
| CVE-2024-56343 | 1 Ibm | 2 Security Verify Access, Verify Identity Access Digital Credentials | 2025-08-24 | 4.3 Medium |
| IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request. | ||||
| CVE-2024-56342 | 1 Ibm | 2 Security Verify Access, Verify Identity Access Digital Credentials | 2025-08-24 | 4.3 Medium |
| IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2025-0163 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2025-08-24 | 5.3 Medium |
| IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts. | ||||
| CVE-2024-45674 | 1 Ibm | 4 Security Verify Bridge, Security Verify Bridge Directory Sync, Security Verify Gateway For Radius and 1 more | 2025-08-18 | 3.3 Low |
| IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user. | ||||
| CVE-2023-33844 | 1 Ibm | 1 Security Verify Governance | 2025-08-16 | 5.4 Medium |
| IBM Security Verify Governance 10.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-22338 | 1 Ibm | 1 Security Verify Access Oidc Provider | 2025-08-14 | 4 Medium |
| IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. IBM X-Force ID: 279978. | ||||
| CVE-2024-28787 | 1 Ibm | 2 Application Gateway, Security Verify Access | 2025-08-14 | 8.7 High |
| IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-Force ID: 286584. | ||||
| CVE-2024-45672 | 1 Ibm | 1 Security Verify Bridge | 2025-08-14 | 6 Medium |
| IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service. | ||||
| CVE-2024-31887 | 1 Ibm | 2 Security Verify Privilege, Security Verify Privilege On-premises | 2025-08-13 | 7.5 High |
| IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive information from the SOAP API. IBM X-Force ID: 287651. | ||||
| CVE-2025-0161 | 1 Ibm | 1 Security Verify Access | 2025-08-11 | 7.8 High |
| IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation. | ||||
| CVE-2024-45650 | 1 Ibm | 1 Security Verify Directory | 2025-08-08 | 7.5 High |
| IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable to a denial of service when sending an LDAP extended operation. | ||||
| CVE-2024-45658 | 1 Ibm | 1 Security Verify Access | 2025-08-08 | 2.7 Low |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | ||||
| CVE-2024-49814 | 1 Ibm | 1 Security Verify Access | 2025-08-08 | 7.8 High |
| IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges. | ||||
| CVE-2024-51450 | 1 Ibm | 1 Security Verify Directory | 2025-08-08 | 9.1 Critical |
| IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | ||||
| CVE-2024-28766 | 1 Ibm | 2 Security Directory Integrator, Security Verify Directory Integrator | 2025-07-14 | 2.4 Low |
| IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system. | ||||