cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-41787,https://securityvulnerability.io/vulnerability/CVE-2024-41787,Remote Code Execution Vulnerability in IBM Engineering Requirements Management DOORS,"A vulnerability in IBM Engineering Requirements Management DOORS versions 7.0.2 and 7.0.3 allows attackers to bypass security restrictions due to a race condition. An attacker can exploit this issue by sending a specially crafted request, potentially leading to remote code execution, compromising the integrity and confidentiality of the system.",IBM,Engineering Requirements Management Doors Next,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-01-10T13:18:51.866Z,146
CVE-2023-45192,https://securityvulnerability.io/vulnerability/CVE-2023-45192,IBM Engineering Requirements Management DOORS Next Vulnerable to XML External Entity Injection Attack,"The vulnerability in IBM Engineering Requirements Management DOORS Next versions 7.0.2 and 7.0.3 is related to XML External Entity Injection (XXE). This flaw allows a remote attacker to exploit the XML processing mechanism, which could lead to the exposure of sensitive information stored within the application. Additionally, this vulnerability could enable an attacker to consume memory resources, potentially leading to application unavailability. Organizations using the affected versions should consider applying patches or mitigations to protect against potential exploitation. For more information, refer to IBM's official advisory and the vulnerability database entry.",IBM,Engineering Requirements Management Doors Next,8.2,HIGH,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-06-06T18:49:05.734Z,0
CVE-2014-3092,https://securityvulnerability.io/vulnerability/CVE-2014-3092,,"IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.",IBM,"Rational Engineering Lifecycle Manager,Rational Requirements Composer,Rational Software Architect Design Manager,Rational Quality Manager,Rational Team Concert,Rational Rhapsody Design Manager,Rational Doors Next Generation",,,0.001769999973475933,false,,false,false,false,,,false,false,,2014-09-12T01:00:00.000Z,0