CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-36248	API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions,... Description: API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. CVSS: CRITICAL (9.1) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35244	There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by... Description: There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by examining the coredump), these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. CVSS: CRITICAL (9.1) EPSS Score: 0.04% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35144	IBM Maximo Application Suite information disclosure Description: IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35134	IBM Analytics Content Hub information disclosure Description: IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35117	IBM OpenPages with Watson information disclosure Description: IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user. CVSS: MEDIUM (4.4) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35114	IBM Control Center information disclosure Description: IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due to an observable discrepancy between login attempts. CVSS: MEDIUM (5.3) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35113	IBM Control Center information disclosure Description: IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive information exposed through a directory listing. CVSS: MEDIUM (4.3) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35112	IBM Control Center cross-site scripting Description: IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. CVSS: MEDIUM (5.4) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-35111	IBM Control Center information disclosure Description: IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. CVSS: MEDIUM (4.3) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)
CVE-2024-31906	IBM Automation Decision Services information disclosure Description: IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system. CVSS: MEDIUM (6.2) EPSS Score: 0.05% Source: CVE January 28th, 2025 (5 months ago)