cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49351,https://securityvulnerability.io/vulnerability/CVE-2024-49351,IBM Workload Scheduler Stores User Credentials in Plain Text,"IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user.",IBM,Workload Scheduler,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T03:11:52.593Z,0
CVE-2022-38389,https://securityvulnerability.io/vulnerability/CVE-2022-38389,IBM Tivoli Workload Scheduler XML external entity injection,"IBM Tivoli Workload Scheduler versions 9.4, 9.5, and 10.1 are susceptible to an XML External Entity Injection (XXE) attack that occurs when the software processes XML data. An attacker could exploit this vulnerability remotely, allowing them to expose sensitive information or deplete memory resources, leading to potential service disruption.",IBM,Tivoli Workload Scheduler,7.1,HIGH,0.001550000044517219,false,,false,false,false,,,false,false,,2023-02-03T00:15:00.000Z,0
CVE-2022-22486,https://securityvulnerability.io/vulnerability/CVE-2022-22486,IBM Tivoli Workload Scheduler XML external entity injection,"IBM Tivoli Workload Scheduler versions 9.4, 9.5, and 10.1 are susceptible to an XML External Entity Injection (XXE) attack, which can be exploited by a remote attacker. By sending specially crafted XML data, an attacker may gain access to sensitive information or exhaust system memory resources, leading to potential service disruptions or data breaches. This vulnerability necessitates immediate attention to mitigate risks associated with unauthorized access to data and denial of service.",IBM,Tivoli Workload Scheduler,10,CRITICAL,0.001550000044517219,false,,false,false,false,,,false,false,,2023-02-02T17:45:36.250Z,0
CVE-2022-22369,https://securityvulnerability.io/vulnerability/CVE-2022-22369,Local File Overwrite Vulnerability in IBM Workload Scheduler,"IBM Workload Scheduler versions 9.4 and 9.5 are susceptible to a local file overwrite vulnerability, allowing a local user to overwrite key system files. This action can lead to system instability and potential crashes, compromising the integrity and availability of the affected systems. It is essential for users to implement appropriate security measures to mitigate the risks associated with this vulnerability.",IBM,Workload Scheduler,6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-08-10T17:15:00.000Z,0
CVE-2021-20349,https://securityvulnerability.io/vulnerability/CVE-2021-20349,Stack-based Buffer Overflow in IBM Tivoli Workload Scheduler,"IBM Tivoli Workload Scheduler versions 9.4 and 9.5 have a vulnerability that allows local attackers to exploit a stack-based buffer overflow due to improper bounds checking. This can enable unauthorized access to lower-level privileges, potentially compromising system integrity and security configurations. It is essential for users of the affected versions to apply the appropriate security updates to mitigate this risk.",IBM,Workload Scheduler,5.9,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-08-09T16:15:00.000Z,0
CVE-2020-4380,https://securityvulnerability.io/vulnerability/CVE-2020-4380,,IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160.,IBM,Workload Scheduler,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-06-11T12:15:00.000Z,0
CVE-2019-4608,https://securityvulnerability.io/vulnerability/CVE-2019-4608,,IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168508.,IBM,Workload Scheduler,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-03-10T12:15:00.000Z,0
CVE-2019-4031,https://securityvulnerability.io/vulnerability/CVE-2019-4031,,"IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Force ID: 155997.",IBM,Workload Scheduler Distributed,8.4,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-10-16T13:15:00.000Z,0
CVE-2018-1386,https://securityvulnerability.io/vulnerability/CVE-2018-1386,,"IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208.",IBM,Workload Scheduler,7.4,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2018-03-14T00:29:00.000Z,0
CVE-2017-1716,https://securityvulnerability.io/vulnerability/CVE-2017-1716,,"IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.",IBM,Tivoli Workload Scheduler,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-12-13T18:29:00.000Z,0