cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-51456,https://securityvulnerability.io/vulnerability/CVE-2024-51456,Remote Data Exposure in IBM Robotic Process Automation,"A vulnerability exists in IBM Robotic Process Automation versions 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19, where a remote attacker may exploit weaknesses in crypto-analysis to access sensitive data. This risk accentuates the need for vigilant security measures and targeted updates to safeguard valuable information from potential exposure.",IBM,Robotic Process Automation,5.9,MEDIUM,0.0008699999889358878,false,,true,false,true,2025-01-13T07:16:24.000Z,false,false,false,,2025-01-12T13:26:34.770Z,0
CVE-2024-49785,https://securityvulnerability.io/vulnerability/CVE-2024-49785,Cross-Site Scripting Vulnerability in IBM Watsonx.ai,"IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data versions 4.8 through 5.0.3 are susceptible to a cross-site scripting vulnerability. This issue enables an authenticated user to inject arbitrary JavaScript code into the Web UI, potentially compromising the intended functionality of the application. If exploited, this vulnerability could lead to security risks such as the disclosure of sensitive information, including user credentials, during a trusted session.",IBM,,5.4,MEDIUM,0.00044999999227002263,false,,true,false,true,2025-01-13T05:14:09.000Z,false,false,false,,2025-01-12T02:15:00.000Z,0
CVE-2024-35133,https://securityvulnerability.io/vulnerability/CVE-2024-35133,IBM Security Verify Access Vulnerability Could Lead to Phishing Attacks,"IBM Security Verify Access versions 10.0.0 through 10.0.8 present an open redirect vulnerability in the OIDC Provider, which can be exploited by remote authenticated attackers to perform phishing attacks. By convincing users to navigate to a specially designed link, attackers can manipulate the displayed URL, redirecting users to malicious sites disguised as legitimate ones. This exploitation can lead to the theft of sensitive information or enable further compromise of the victim's security.",IBM,"Security Verify Access,Security Verify Access Docker",8.2,HIGH,0.0007399999885819852,false,,false,false,true,2024-10-18T18:49:27.000Z,true,false,false,,2024-08-29T16:39:43.913Z,0
CVE-2023-43040,https://securityvulnerability.io/vulnerability/CVE-2023-43040,Unauthorized Access to RGW for Ceph in Spectrum Fusion HCI 2.5.2-2.7.2,IBM Spectrum Fusion HCI versions 2.5.2 through 2.7.2 are susceptible to a vulnerability that could enable an attacker to perform unauthorized actions within the RGW for Ceph. This issue arises from improper access controls related to bucket management. Organizations utilizing these versions are advised to review their configurations and implement security measures to mitigate the risk of exploitation. Reference IBM's advisory for further details.,IBM,Spectrum Fusion Hci,6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-07-30T02:39:14.000Z,true,false,false,,2024-05-14T13:46:00.000Z,0
CVE-2024-25029,https://securityvulnerability.io/vulnerability/CVE-2024-25029,IBM Personal Communications Vulnerable to Remote Code Execution and Local Privilege Escalation,"IBM Personal Communications versions 14.0.6 through 15.0.1 contain a Windows service with a vulnerability that exposes affected systems to remote code execution and local privilege escalation. This vulnerability enables an attacker with unprivileged access and network capabilities to execute commands at the level of NT AUTHORITY\SYSTEM. Consequently, this can lead to unauthorized lateral movement across networks and elevation of privileges, significantly compromising system integrity and security.",IBM,Personal Communications,9,CRITICAL,0.0004299999854993075,false,,true,false,true,2024-04-09T05:39:04.000Z,,false,false,,2024-04-06T11:51:45.548Z,0
CVE-2024-22328,https://securityvulnerability.io/vulnerability/CVE-2024-22328,Maximo Suite Vulnerable to Remote File Access Attack,"IBM Maximo Application Suite versions 8.10 and 8.11 are susceptible to a directory traversal vulnerability that could permit a remote attacker to access sensitive files on the system. This occurs through specially crafted URL requests that include 'dot dot' sequences (/../), allowing unauthorized access to system directories and files. The exploitation could lead to data exposure and potential disclosure of sensitive information.",IBM,Maximo Application Suite,7.5,HIGH,0.0008999999845400453,false,,false,false,true,2024-04-07T22:09:17.000Z,true,false,false,,2024-04-06T11:40:29.742Z,0