Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43035 | 2025-04-11 | N/A | 4.0 MEDIUM | ||
| IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2023-27545 | 1 Ibm | 1 Cloud Pak For Data | 2025-04-01 | N/A | 4.0 MEDIUM |
| IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 248947. | |||||
| CVE-2023-23469 | 1 Ibm | 1 Cloud Pak For Business Automation | 2025-03-26 | N/A | 4.0 MEDIUM |
| IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504. | |||||
| CVE-2024-25142 | 1 Apache | 1 Airflow | 2025-03-20 | N/A | 5.5 MEDIUM |
| Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache Airflow: before 2.9.2. Users are recommended to upgrade to version 2.9.2, which fixes the issue. | |||||
| CVE-2024-31906 | 2025-01-26 | N/A | 6.2 MEDIUM | ||
| IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2024-22349 | 2025-01-20 | N/A | 4.0 MEDIUM | ||
| IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2024-22343 | 1 Ibm | 1 Txseries For Multiplatform | 2025-01-14 | N/A | 4.0 MEDIUM |
| IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 280190. | |||||
| CVE-2022-43841 | 1 Ibm | 1 Aspera Console | 2025-01-08 | N/A | 4.0 MEDIUM |
| IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078. | |||||
| CVE-2024-30130 | 2024-11-21 | N/A | 3.7 LOW | ||
| HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information. | |||||
| CVE-2024-22333 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2024-11-21 | N/A | 3.3 LOW |
| IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973. | |||||
| CVE-2023-46181 | 1 Ibm | 1 Sterling Secure Proxy | 2024-11-21 | N/A | 4.0 MEDIUM |
| IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686. | |||||
| CVE-2022-38383 | 1 Ibm | 2 Cloud Pak For Security, Qradar Suite | 2024-11-21 | N/A | 4.0 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673. | |||||
| CVE-2021-42015 | 1 Mendix | 1 Mendix | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache. | |||||
| CVE-2024-45314 | 1 Dpgaspar | 1 Flask App Builder | 2024-09-12 | N/A | 3.6 LOW |
| Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If upgrading is not possible, configure one's web server to send the specific HTTP headers for `/login` per the directions provided in the GitHub Security Advisory. | |||||