cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2012-2201,https://securityvulnerability.io/vulnerability/CVE-2012-2201,Denial of Service Vulnerability in IBM WebSphere MQ,"IBM WebSphere MQ 7.1 has a vulnerability that allows a remote attacker to exploit improper handling of user IDs. By exploiting this flaw, the attacker can bypass the security mechanisms configured on a SVRCONN channel, leading to a potential flooding of the queue manager and causing denial of service. This vulnerability highlights the importance of securing message queue environments against unauthorized access and misuse.",IBM,Websphere MQ,7.5,HIGH,0.001180000021122396,false,,false,false,false,,,false,false,,2022-09-29T03:15:00.000Z,0
CVE-2020-4310,https://securityvulnerability.io/vulnerability/CVE-2020-4310,,"IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.",IBM,"Websphere MQ,MQ",5.9,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2020-06-16T14:15:00.000Z,0
CVE-2012-4863,https://securityvulnerability.io/vulnerability/CVE-2012-4863,,IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability,IBM,Websphere MQ,6.5,MEDIUM,0.000859999970998615,false,,false,false,false,,,false,false,,2020-01-23T13:49:42.000Z,0
CVE-2018-1551,https://securityvulnerability.io/vulnerability/CVE-2018-1551,,IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888.,IBM,Websphere MQ,3.1,LOW,0.0021100000012665987,false,,false,false,false,,,false,false,,2018-08-06T14:29:00.000Z,0
CVE-2018-1503,https://securityvulnerability.io/vulnerability/CVE-2018-1503,,"IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339.",IBM,Websphere MQ,4.3,MEDIUM,0.00215000007301569,false,,false,false,false,,,false,false,,2018-07-23T13:29:00.000Z,0
CVE-2017-1795,https://securityvulnerability.io/vulnerability/CVE-2017-1795,,"IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly sensitive information via trace logs in IBM WebSphere MQ Managed File Transfer. IBM X-Force ID: 137042.",IBM,Websphere MQ,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2018-07-06T14:29:00.000Z,0
CVE-2018-1374,https://securityvulnerability.io/vulnerability/CVE-2018-1374,,"An IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.8, 8.0.0.0 - 8.0.0.8, 9.0.0.0 - 9.0.0.2, and 9.0.0 - 9.0.4) client connecting to a Queue Manager could cause a SIGSEGV in the Channel process amqrmppa. IBM X-Force ID: 137775.",IBM,Websphere MQ,5.3,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2018-06-26T20:29:00.000Z,0
CVE-2015-1957,https://securityvulnerability.io/vulnerability/CVE-2015-1957,,"IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows remote authenticated users to obtain sensitive information via a man-in-the-middle attack, related to duplication of message data in cleartext outside the protected payload. IBM X-Force ID: 103482.",IBM,Websphere MQ,5.3,MEDIUM,0.000859999970998615,false,,false,false,false,,,false,false,,2018-04-10T15:00:00.000Z,0
CVE-2018-1388,https://securityvulnerability.io/vulnerability/CVE-2018-1388,,GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding. IBM X-Force ID: 138212.,IBM,Websphere MQ,7.5,HIGH,0.0016700000269338489,false,,false,false,false,,,false,false,,2018-02-07T17:29:00.000Z,0
CVE-2017-1118,https://securityvulnerability.io/vulnerability/CVE-2017-1118,,IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. IBM X-Force ID: 121156.,IBM,Websphere MQ,7.5,HIGH,0.0017600000137463212,false,,false,false,false,,,false,false,,2017-08-02T17:29:00.000Z,0
CVE-2017-1145,https://securityvulnerability.io/vulnerability/CVE-2017-1145,,"IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.",IBM,Websphere MQ,8.6,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2017-03-20T16:00:00.000Z,0
CVE-2016-8971,https://securityvulnerability.io/vulnerability/CVE-2016-8971,,IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.,IBM,Websphere MQ,6.5,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2017-03-07T17:00:00.000Z,0
CVE-2016-9009,https://securityvulnerability.io/vulnerability/CVE-2016-9009,,IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.,IBM,Websphere MQ,3.1,LOW,0.0006900000153109431,false,,false,false,false,,,false,false,,2017-02-24T18:00:00.000Z,0
CVE-2016-8915,https://securityvulnerability.io/vulnerability/CVE-2016-8915,,"IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.",IBM,Websphere MQ,6.5,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2017-02-22T19:00:00.000Z,0
CVE-2016-8986,https://securityvulnerability.io/vulnerability/CVE-2016-8986,,IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.,IBM,Websphere MQ,6.5,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2017-02-22T19:00:00.000Z,0
CVE-2016-3052,https://securityvulnerability.io/vulnerability/CVE-2016-3052,,"Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.",IBM Corporation,WebSphere MQ,5.9,MEDIUM,0.001550000044517219,false,,false,false,false,,,false,false,,2017-02-22T19:00:00.000Z,0
CVE-2016-3013,https://securityvulnerability.io/vulnerability/CVE-2016-3013,,IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.,IBM Corporation,WebSphere MQ,6.5,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2017-02-22T19:00:00.000Z,0
CVE-2016-0360,https://securityvulnerability.io/vulnerability/CVE-2016-0360,,"IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.",IBM Corporation,WebSphere MQ,9.8,CRITICAL,0.004739999771118164,false,,false,false,false,,,false,false,,2017-02-15T19:00:00.000Z,0
CVE-2016-0379,https://securityvulnerability.io/vulnerability/CVE-2016-0379,,"IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager rights.",IBM,Websphere MQ,3.1,LOW,0.0010000000474974513,false,,false,false,false,,,false,false,,2016-09-26T01:00:00.000Z,0
CVE-2016-0260,https://securityvulnerability.io/vulnerability/CVE-2016-0260,,Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors.,IBM,Websphere MQ,7.5,HIGH,0.001930000027641654,false,,false,false,false,,,false,false,,2016-06-29T01:00:00.000Z,0
CVE-2015-7473,https://securityvulnerability.io/vulnerability/CVE-2015-7473,,runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp.,IBM,Websphere MQ,2.5,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2016-0259,https://securityvulnerability.io/vulnerability/CVE-2016-0259,,runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.,IBM,Websphere MQ,2.5,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2015-7462,https://securityvulnerability.io/vulnerability/CVE-2015-7462,,IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program.,IBM,Websphere MQ,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-06-19T20:00:00.000Z,0
CVE-2015-2012,https://securityvulnerability.io/vulnerability/CVE-2015-2012,,"The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore password, which allows local users to obtain sensitive information by reading this file.",IBM,Websphere MQ,4,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2016-02-08T16:00:00.000Z,0
CVE-2015-4942,https://securityvulnerability.io/vulnerability/CVE-2015-4942,,"IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a series of connect and disconnect actions, a different vulnerability than CVE-2015-4943.",IBM,Websphere MQ Light,5.3,MEDIUM,0.001930000027641654,false,,false,false,false,,,false,false,,2016-01-18T02:00:00.000Z,0