cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-33834,https://securityvulnerability.io/vulnerability/CVE-2023-33834,IBM Security Verify Information Queue information disclosure,IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system.  IBM X-force ID:  256014.,IBM,Security Verify Information Queue,4.3,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2023-08-31T14:15:00.000Z,0
CVE-2023-33835,https://securityvulnerability.io/vulnerability/CVE-2023-33835,IBM Security Verify Information Queue information disclosure,IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system.  IBM X-Force ID:  256015.,IBM,Security Verify Information Queue,4.3,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-08-31T14:15:00.000Z,0
CVE-2023-33833,https://securityvulnerability.io/vulnerability/CVE-2023-33833,IBM Security Verify Information Queue information disclosure,IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user.  IBM X-Force ID:  256013.,IBM,Security Verify Information Queue,2.9,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-31T13:15:00.000Z,0
CVE-2022-35286,https://securityvulnerability.io/vulnerability/CVE-2022-35286,Cross-Site Request Forgery Vulnerability in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 is susceptible to a cross-site request forgery (CSRF) attack. This vulnerability can enable malicious actors to perform unauthorized actions on behalf of a trusted user, exploiting the trust relationship established by the website. It is imperative for users of the affected version to implement safeguards to mitigate the risk of such attacks.",IBM,Security Verify Information Queue,3.1,LOW,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-07-26T15:15:00.000Z,0
CVE-2022-35285,https://securityvulnerability.io/vulnerability/CVE-2022-35285,Cross-Site Request Forgery in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 contains a vulnerability that is susceptible to cross-site request forgery. This weakness could enable attackers to craft requests that leverage the trust a web application has for the user, thus allowing unauthorized actions without proper authentication. Organizations using this product should implement necessary mitigations to protect against such attacks.",IBM,Security Verify Information Queue,6.5,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-07-25T18:23:00.000Z,0
CVE-2022-35287,https://securityvulnerability.io/vulnerability/CVE-2022-35287,Hard-coded Credential Vulnerability in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 contains hard-coded credentials that could jeopardize the security of authentication processes, outbound communications, and internal data encryption. This vulnerability may expose sensitive data, enabling unauthorized access and posing a significant risk to the integrity of the system.",IBM,Security Verify Information Queue,6.8,MEDIUM,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-07-25T18:23:00.000Z,0
CVE-2022-35284,https://securityvulnerability.io/vulnerability/CVE-2022-35284,Sensitive Information Disclosure in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 contains a vulnerability that may enable unauthorized disclosure of sensitive information. This occurs due to a missing or improperly configured SameSite attribute for critical cookies, potentially exposing data during cross-site requests. Organizations utilizing this software should take immediate action to review their cookie configurations to mitigate the risk associated with this vulnerability.",IBM,Security Verify Information Queue,5.3,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2022-07-22T00:00:00.000Z,0
CVE-2022-35288,https://securityvulnerability.io/vulnerability/CVE-2022-35288,Information Disclosure Vulnerability in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 is susceptible to a vulnerability that may allow unauthorized users to access sensitive information. This unauthorized access can potentially be exploited to conduct further attacks on the system, jeopardizing user data and system integrity.",IBM,Security Verify Information Queue,5.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-07-22T00:00:00.000Z,0
CVE-2022-35283,https://securityvulnerability.io/vulnerability/CVE-2022-35283,Denial of Service in IBM Security Verify Information Queue,"IBM Security Verify Information Queue version 10.0.2 is susceptible to a denial of service attack that can be executed by an authenticated user. By sending a specially crafted HTTP request, an attacker could disrupt service and impact the availability of the application. Organizations using this version should take immediate steps to mitigate this vulnerability.",IBM,Security Verify Information Queue,6.5,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2022-07-14T17:15:00.000Z,0
CVE-2021-20406,https://securityvulnerability.io/vulnerability/CVE-2021-20406,IBM Security Verify Information Queue information disclosure,IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184.,IBM,Security Verify Information Queue,4.9,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20408,https://securityvulnerability.io/vulnerability/CVE-2021-20408,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.,IBM,Security Verify Information Queue,7.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20409,https://securityvulnerability.io/vulnerability/CVE-2021-20409,IBM Security Verify Information Queue information disclosure,"IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 196188.",IBM,Security Verify Information Queue,7.5,HIGH,0.0026599999982863665,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20411,https://securityvulnerability.io/vulnerability/CVE-2021-20411,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.,IBM,Security Verify Information Queue,7.5,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20412,https://securityvulnerability.io/vulnerability/CVE-2021-20412,,"IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 198192.",IBM,Security Verify Information Queue,5.9,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20407,https://securityvulnerability.io/vulnerability/CVE-2021-20407,IBM Security Verify Information Queue information disclosure,IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system.  IBM X-Force ID:  196185.,IBM,Security Verify Information Queue,7.5,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20410,https://securityvulnerability.io/vulnerability/CVE-2021-20410,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques. IBM X-Force ID: 198190.,IBM,Security Verify Information Queue,5.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-02-12T17:15:00.000Z,0
CVE-2021-20404,https://securityvulnerability.io/vulnerability/CVE-2021-20404,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078.,IBM,Security Verify Information Queue,2.6,LOW,0.0007900000200606883,false,,false,false,false,,,false,false,,2021-02-11T17:15:00.000Z,0
CVE-2021-20405,https://securityvulnerability.io/vulnerability/CVE-2021-20405,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183.,IBM,Security Verify Information Queue,3.1,LOW,0.0006399999838322401,false,,false,false,false,,,false,false,,2021-02-11T17:15:00.000Z,0
CVE-2021-20403,https://securityvulnerability.io/vulnerability/CVE-2021-20403,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.,IBM,Security Verify Information Queue,3.1,LOW,0.0007300000288523734,false,,false,false,false,,,false,false,,2021-02-11T17:15:00.000Z,0
CVE-2021-20402,https://securityvulnerability.io/vulnerability/CVE-2021-20402,,IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196076.,IBM,Security Verify Information Queue,2.7,LOW,0.0007600000244565308,false,,false,false,false,,,false,false,,2021-02-11T17:15:00.000Z,0
CVE-2020-4289,https://securityvulnerability.io/vulnerability/CVE-2020-4289,,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 176332.",IBM,Security Information Queue,5.3,MEDIUM,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-04-08T14:15:00.000Z,0
CVE-2020-4284,https://securityvulnerability.io/vulnerability/CVE-2020-4284,,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176207.",IBM,Security Information Queue,5.3,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2020-04-08T14:15:00.000Z,0
CVE-2020-4290,https://securityvulnerability.io/vulnerability/CVE-2020-4290,,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive information or allow for unauthorized access. IBM X-Force ID: 176333.",IBM,Security Information Queue,4.2,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-04-08T14:15:00.000Z,0
CVE-2020-4164,https://securityvulnerability.io/vulnerability/CVE-2020-4164,,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400.",IBM,Security Information Queue,2.7,LOW,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-04-08T14:15:00.000Z,0
CVE-2020-4282,https://securityvulnerability.io/vulnerability/CVE-2020-4282,,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Force ID: 176205.",IBM,Security Information Queue,3,LOW,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-04-08T14:15:00.000Z,0