CVE-2024-45636

The CVE-2024-45636 entry concerns IBM Security QRadar EDR. Affected: QRadar EDR 3.12–3.12.24. Issue: credentials are stored in plaintext, readable by a local privileged user (CWE-256). Impact: potential exposure of sensitive credentials on the host; CVSS v3.1 base score 4.1 (L, H, N) with Local a...

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

EUVD-2024-55619

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

IBM Security QRadar EDR 安全漏洞

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are security vulnerabilities in versions 3.12 to 3.12.24 of IBM Security QRadar EDR. These vulnerabilities stem from the storage of user credentials in plain text, whic...

CVE-2025-36187 Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

EUVD-2025-208460

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

IBM Planning Analytics Advanced Certified Containers 安全漏洞

IBM Planning Analytics Advanced Certified Containers is a containerized enterprise planning and analysis software deployment component provided by the American multinational company IBM. Versions 3.1.0 to 3.1.4 of IBM Planning Analytics Advanced Certified Containers contain security...

Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect and Acronis Cyber Protect Cloud Agent are products developed by Acronis AG from Switzerland. Acronis Cyber Protect is an integrated network protection solution for businesses and enterprises. It combines features such as backup, anti-malware, network security, and endpoint...

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user. Affected product: IBM Aspera Console 3.4.7. Root cause: log files may contain sensitive data, enabling read access by an unauthorized local user. Remediation: upgrade to I...

EUVD-2007-5473

Malware in sbrugna...

EUVD-2017-14933

Malware in sbrugna...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the process handling user data. An attacker can execute arbitrary code, access sensitive information, or cause a denial of service by leveraging local access with high privileges. Remediation A fix was pushed...

CVE-2024-45638

IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user...

PT-2024-33693 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1 Description: The issue concerns the storage of potentially sensitive information in log files by IBM Security Guardium Key Lifecycle Manager. This information...

CVE-2024-28799

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information...

PT-2024-37955 · Zowe Cli · Zowe Cli

Name of the Vulnerable Software and Affected Versions: Zowe CLI affected versions not specified Description: A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag. Recommendations: At th...

CVE-2024-0340

CVE-2024-0340 is confirmed in the Linux kernel, affecting the vhost_new_msg path in drivers/vhost/vhost.c. The issue arises from memory not being properly initialized when building messages exchanged between virtual guests and the host via /dev/vhost-net, enabling local privileged users to read k...

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

UBUNTU-CVE-2023-4394

A use-after-free flaw was found in btrfsgetdevargsfrompath in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information...

Path traversal

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...