EntireX
by IBM
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-54170 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles. | |||
| CVE-2024-54169 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | |||
| CVE-2025-0759 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. | |||
| CVE-2024-56810 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56496 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56495 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56811 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56493 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56494 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||
| CVE-2024-56812 | 0.00 | — | 0.00 | Feb 27, 2025 | IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. |
- CVE-2024-54170Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles.
- CVE-2024-54169Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
- CVE-2025-0759Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization.
- CVE-2024-56810Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56496Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56495Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56811Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56493Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56494Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
- CVE-2024-56812Feb 27, 2025risk 0.00cvss —epss 0.00
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.