Common Vulnerabilities and Exposures (CVE)
CVE-2023-32338
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minima...
CVE-2023-40636
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed
CVE-2023-40637
In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-27291
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740.
CVE-2023-40638
In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed
CVE-2023-40639
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-40640
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-40641
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-40008
Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions.
CVE-2023-41659
Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions.
CVE-2023-36127
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack...