CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

72 matches found

IBM Security Bulletins•added 2 days ago•3 views

Security Bulletin: Multiple security vulnerabilities have been found in IBM Security Directory Integrator

Summary Security vulnerabilities have been addressed in IBM Security Directory Integrator Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity...

8.1CVSS6.6AI score0.02123EPSS

Exploits1Affected Software1

NVD•added 2026/05/27 2:16 p.m.•6 views

CVE-2024-28765

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3CVSS0.00041EPSS

Exploits0References1

EUVD•added 2026/05/27 1:47 p.m.•7 views

EUVD-2024-55599

5.3CVSS5.8AI score0.00041EPSS

Exploits0References1

CVE•added 2026/05/27 1:47 p.m.•9 views

CVE-2024-28765

IBM Security Directory Integrator (SDI) and Security Director/Directory Integrator components are affected: SDI 7.2.0.0–7.2.0.14 and IBM Security Directory Integrator 10.0.0.0–10.0.0.2 could allow a remote attacker to obtain sensitive information via a detailed error message returned in the brows...

5.3CVSS5.8AI score0.00041EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/09 10:52 a.m.•5 views

CVE-2022-33167

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the...

7.5CVSS5.9AI score0.00086EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•18 views

CVE-2022-33162

IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. IBM X-Force I...

9.8CVSS6.7AI score0.00124EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-25853

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00197EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-25858

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.0026EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-36212

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00086EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-36207

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00124EPSS

Exploits0References2

BDU FSTEC•added 2025/05/27 12:0 a.m.•3 views

The vulnerability of the IBM Security Directory Integrator, a software tool for synchronizing identity data, and the IBM Security Verify Directory Integrator, an integration tool, lies in their ability to disclose protected information by reading directory files.

The vulnerability of the IBM Security Directory Integrator and IBM Security Verify Directory Integrator software lies in their ability to disclose information by reading directory files. Exploiting this vulnerability allows a malicious actor to disclose protected information...

2.7CVSS5.4AI score0.00094EPSS

Exploits0References3Affected Software2

RedhatCVE•added 2025/05/23 7:45 a.m.•10 views

CVE-2024-28772

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.8CVSS5.9AI score0.0026EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:28 a.m.•12 views

CVE-2024-28767

IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request...

8.8CVSS7.4AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:12 a.m.•8 views

CVE-2022-32759

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information. IBM X-Force ID: 228565...

7.5CVSS6.2AI score0.00108EPSS

Exploits0References1

IBM Security Bulletins•added 2025/04/15 3:26 a.m.•15 views

Security Bulletin: A Security Vulnerability was discovered in IBM Security Directory Integrator (CVE-2024-28767)

Summary A Security Vulnerability was adressed in IBM Security Directory Integrator. Vulnerability Details CVEID:CVE-2024-28767 DESCRIPTION: IBM Security Directory Integrator could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted...

8.8CVSS7.1AI score0.00197EPSS

Exploits0Affected Software1

BDU FSTEC•added 2025/02/03 12:0 a.m.•2 views

The vulnerability of the IBM Security Directory Integrator and the IBM Security Verify Directory Integrator data integration tools lies in the absence of a “Secure” flag in the session cookies. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Security Directory Integrator and the IBM Security Verify Directory Integrator data integration tools is related to the absence of the “Secure” flag in the session cookies. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain...

4.9CVSS5.5AI score0.00043EPSS

Exploits0References3Affected Software2

NVD•added 2025/01/27 2:15 a.m.•9 views

CVE-2024-28766

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system...

7.5CVSS0.00094EPSS

Exploits0References1

CVE•added 2025/01/27 1:14 a.m.•42 views

CVE-2024-28766

CVE-2024-28766 affects IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0. The issue is an information disclosure in which sensitive directory contents could be exposed, potentially aiding further attacks. The connected IBM bulletin confirms affected produ...

7.5CVSS3.3AI score0.00094EPSS

Exploits0References1Affected Software2