Lucene search
K

696 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:26 a.m.6 views

CVE-2024-49349

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

6.1CVSS6AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:10 a.m.8 views

CVE-2024-49339

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

6.4CVSS6AI score0.00215EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:5 a.m.8 views

CVE-2023-49880

In the Message Entry and Repair MER facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM X-Force ID: 273183...

7.5CVSS6.4AI score0.0054EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:36 a.m.3 views

CVE-2023-35892

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786...

9.1CVSS6.5AI score0.00816EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:24 a.m.5 views

CVE-2022-43872

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information e.g. event log entries about the FTM SWIFT system. IBM X-Force ID: 239708...

5.3CVSS6.2AI score0.00491EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:57 a.m.9 views

CVE-2022-43871

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS6.1AI score0.00371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:57 a.m.8 views

CVE-2022-43875

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034...

6.2CVSS6.4AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.9 views

CVE-2020-5026

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...

7.5CVSS6AI score0.00746EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.3 views

CVE-2020-5001

IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 192953...

7.5CVSS6.5AI score0.01019EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:8 p.m.8 views

CVE-2020-4556

IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329...

4CVSS5.8AI score0.00187EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:42 p.m.5 views

CVE-2020-5002

IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954...

8.8CVSS6.3AI score0.00583EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 a.m.5 views

CVE-2019-1219

An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory, aka 'Windows Transaction Manager Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01699EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:36 a.m.80 views

Security Bulletin: Financial Transaction Manager for Digital Payments, High Value Payments and Corporate Payment Services are impacted by multiple vulnerabilities.

Summary The vulnerabilities addressed include access control, sensitive information disclosure, cross site scripting and directory traversal. Vulnerability Details CVEID:CVE-2020-5002 DESCRIPTION: IBM Financial Transaction Manager could allow an authenticated user to perform unauthorized actions...

9.1CVSS6.5AI score0.01836EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:35 a.m.23 views

Security Bulletin: IBM FTM for ACH Services and Check Services (v3.0.2.1 - v3.0.5) is impacted by a directory traversal vulnerability.

Summary The vulnerability addressed allowed a remote attacker to traverse server directories. Vulnerability Details CVEID:CVE-2020-5001 DESCRIPTION: IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a...

7.5CVSS5.5AI score0.01019EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:49 a.m.47 views

Security Bulletin: Multiple Vulnerabilities Affect IBM Financial Transaction Manager for SWIFT Services (CVE-2022-4387, CVE-2022-43875)

Summary Multiple vulnerabilities affect IBM Financial Transaction Manager for SWIFT Services. These are addressed. Vulnerability Details CVEID:CVE-2022-43872 DESCRIPTION: IBM Financial Transaction Manager authorization checks are done incorrectly for some HTTP requests which allows getting...

6.2CVSS5.7AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 8:59 p.m.32 views

Security Bulletin: Financial Transaction Manager for Digital Payments is impacted by multiple vulnerabilities in IBM Java SE

Summary Multiple vulnerabilities were addressed in Financial Transaction Manager 3.2.13 for Digital Payments, Corporate Payment Services and High Value Payments. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow...

7.5CVSS7.5AI score0.01361EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/01/31 5:15 p.m.5 views

CVE-2024-49339

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

5.4CVSS5.5AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/01/31 5:15 p.m.13 views

CVE-2024-49339

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

6.4CVSS0.00215EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 5:15 p.m.5 views

CVE-2024-49349

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

5.4CVSS5.5AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2025/01/31 5:15 p.m.12 views

CVE-2024-49349

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

6.1CVSS0.00217EPSS
Exploits0References1
Rows per page
Query Builder