VYPR

Security ReaQta

by IBM

CVEs (9)

  • CVE-2025-36379Feb 17, 2026
    risk 0.00cvss epss 0.00

    IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

  • CVE-2024-45641May 20, 2025
    risk 0.00cvss epss 0.00

    IBM Security ReaQta EDR 3.12 could allow an attacker to perform unauthorized actions due to improper SSL certificate validation.

  • CVE-2023-33861May 20, 2025
    risk 0.00cvss epss 0.00

    IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client.

  • CVE-2024-45644Mar 19, 2025
    risk 0.00cvss epss 0.00

    IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

  • CVE-2024-45654Jan 19, 2025
    risk 0.00cvss epss 0.00

    IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.

  • CVE-2024-45100Jan 7, 2025
    risk 0.00cvss epss 0.01

    IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources.

  • CVE-2024-45640Jan 7, 2025
    risk 0.00cvss epss 0.00

    IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.

  • CVE-2024-45642Nov 14, 2024
    risk 0.00cvss epss 0.00

    IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

  • CVE-2024-45099Nov 14, 2024
    risk 0.00cvss epss 0.00

    IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.