cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-39727,https://securityvulnerability.io/vulnerability/CVE-2024-39727,Web Link Vulnerability in IBM Engineering Insights Product Line,IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3 contain a significant vulnerability resulting from the use of web links with untrusted references to external sites. A remote attacker can exploit this issue to expose sensitive information or execute unauthorized actions through the victim's web browser. Organizations utilizing these affected versions should assess their security posture and take appropriate measures to mitigate potential risks.,IBM,Engineering Insights,6.1,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-25T13:59:06.713Z,0
CVE-2024-39725,https://securityvulnerability.io/vulnerability/CVE-2024-39725,Remote Information Exposure Vulnerability in IBM Engineering Insights,"IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3 are impacted by a vulnerability that permits remote attackers to gain sensitive information. This risk arises when detailed technical error messages are outputted in the browser, potentially revealing crucial data that may be exploited to conduct further attacks on the system. Organizations utilizing affected versions should take immediate action to mitigate risks associated with unauthorized information disclosure.",IBM,Engineering Insights,5.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-25T13:56:55.358Z,0
CVE-2024-39726,https://securityvulnerability.io/vulnerability/CVE-2024-39726,XML External Entity Injection Vulnerability in IBM Engineering Insights,"An XML External Entity Injection (XXE) vulnerability has been identified in IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3, which may allow remote attackers to exploit XML data processing weaknesses. This type of attack can lead to the exposure of sensitive information and may enable attackers to consume system memory resources, thereby impacting application performance and integrity.",IBM,Engineering Lifecycle Optimization - Engineering Insights,8.2,HIGH,0.0008699999889358878,false,false,false,false,,false,false,2024-11-15T17:15:00.000Z,0