Lucene search
K

50 matches found

NVD
NVD
added 2026/06/11 4:16 p.m.13 views

CVE-2024-45636

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.4CVSS0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 3:10 p.m.30 views

CVE-2024-45636

The CVE-2024-45636 entry concerns IBM Security QRadar EDR. Affected: QRadar EDR 3.12–3.12.24. Issue: credentials are stored in plaintext, readable by a local privileged user (CWE-256). Impact: potential exposure of sensitive credentials on the host; CVSS v3.1 base score 4.1 (L, H, N) with Local a...

4.4CVSS5.4AI score0.00094EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/11 3:10 p.m.11 views

EUVD-2024-55619

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 3:10 p.m.13 views

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 3:10 p.m.35 views

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS0.00094EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

IBM Security QRadar EDR 安全漏洞

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are security vulnerabilities in versions 3.12 to 3.12.24 of IBM Security QRadar EDR. These vulnerabilities stem from the storage of user credentials in plain text, whic...

4.4CVSS5.3AI score0.00094EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 8:49 a.m.19 views

Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software

Summary Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.25 Vulnerability Details CVEID:CVE-2026-30951 DESCRIPTION: Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The...

8.7CVSS7.5AI score0.02228EPSS
Exploits9Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/19 1:27 a.m.15 views

CVE-2025-36377

IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system...

8.8CVSS5.5AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 9:22 p.m.4 views

CVE-2025-36376

IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system...

8.8CVSS5.8AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 8:37 p.m.3 views

CVE-2025-36376 IBM Security QRadar EDR Software has multiple vulnerabilities

IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system...

6.3CVSS5.5AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 8:37 p.m.28 views

CVE-2025-36376 IBM Security QRadar EDR Software has multiple vulnerabilities

IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system...

6.3CVSS0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 8:32 p.m.5 views

CVE-2025-36377

IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system...

6.3CVSS5.5AI score0.00185EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/17 8:30 p.m.27 views

CVE-2025-36379 IBM Security QRadar EDR Software has multiple vulnerabilities

IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 8:30 p.m.12 views

CVE-2025-36379

IBM Security QRadar EDR and IBM Security ReaQta are affected by CVE-2025-36379, where weaker-than-expected cryptographic algorithms could allow decryption of sensitive information. Affected versions: QRadar EDR 3.12 through 3.12.23 (and ReaQta 3.12 through 3.12.23). Root cause: use of insufficien...

7.5CVSS5.5AI score0.00143EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.7 views

PT-2026-20250

Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.23 Description IBM Security QRadar EDR does not invalidate sessions after they expire. This could allow an authenticated user to impersonate another user on the system. Recommendations Update...

6.3CVSS5.4AI score0.00185EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.21 views

PT-2026-20251

Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.23 Description IBM Security QRadar EDR does not invalidate sessions after they expire. This could allow an authenticated user to impersonate another user on the system. Recommendations Update...

6.3CVSS5.4AI score0.00185EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.5 views

PT-2026-20252

Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.23 IBM Security ReaQta versions 3.12 through 3.12.23 Description IBM Security QRadar EDR and IBM Security ReaQta utilize cryptographic algorithms that are considered insufficiently strong,...

5.9CVSS5.4AI score0.00143EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/11 4:52 p.m.14 views

Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software

Summary Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.24 Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by readi...

8.9CVSS5.9AI score0.02667EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/11 4:23 p.m.9 views

Security Bulletin: IBM Security QRadar EDR Software has multiple vulnerabilities

Summary IBM Security QRadar EDR Software is affected by multiple vulnerabilities that could allow an attacker to perform cross-site scripting XSS attacks or exploit weak cryptographic algorithms to decrypt sensitive information. These vulnerabilities have been addressed in version 3.12.24...

8.8CVSS4.7AI score0.00844EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/27 12:9 p.m.16 views

Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software

Summary Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.21 Vulnerability Details CVEID:CVE-2025-58369 DESCRIPTION: fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through...

7.5CVSS6.4AI score0.02164EPSS
Exploits3Affected Software1
Rows per page
Query Builder