Ibm

Qradar Security Information And Event Manager

180 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.3

CVE-2025-0164

Media report
  • EPSS 0.01%
  • Published 14.09.2025 13:15:31
  • Last modified 20.09.2025 02:54:49

IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.

5.4

CVE-2025-36042

Media report
  • EPSS 0.03%
  • Published 22.08.2025 14:55:01
  • Last modified 15.09.2025 19:53:14

IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

7.8

CVE-2025-33120

Media report
  • EPSS 0.02%
  • Published 22.08.2025 14:54:02
  • Last modified 15.09.2025 19:53:47

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.

5.4

CVE-2025-33118

  • EPSS 0.03%
  • Published 01.08.2025 17:21:16
  • Last modified 14.08.2025 18:49:42

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

5.4

CVE-2025-33097

  • EPSS 0.05%
  • Published 15.07.2025 14:29:54
  • Last modified 07.08.2025 00:46:30

IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent...

9.1

CVE-2025-33117

Media report
  • EPSS 0.08%
  • Published 19.06.2025 17:16:41
  • Last modified 25.07.2025 17:42:17

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

7.1

CVE-2025-33121

Media report
  • EPSS 0.34%
  • Published 19.06.2025 17:14:42
  • Last modified 25.07.2025 17:42:30

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resourc...

6.2

CVE-2025-36050

Media report
  • EPSS 0.02%
  • Published 19.06.2025 17:13:40
  • Last modified 25.07.2025 17:42:38

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.

4.8

CVE-2024-56463

  • EPSS 0.05%
  • Published 14.02.2025 17:15:16
  • Last modified 14.02.2025 17:15:16

IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr...

6.5

CVE-2024-28786

  • EPSS 0.01%
  • Published 28.01.2025 00:15:06
  • Last modified 25.07.2025 18:51:27

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.