Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 1c449ddaf9d7 · 2025-01-19T15:32:15.000Z
GHSA-4967-722p-c322 GHSA-6mh8-832j-gc49 GHSA-frrr-v394-xgfj GHSA-r8mh-xxfv-4jwj
diff --git a/advisories/unreviewed/2025/01/GHSA-4967-722p-c322/GHSA-4967-722p-c322.json b/advisories/unreviewed/2025/01/GHSA-4967-722p-c322/GHSA-4967-722p-c322.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4967-722p-c322",
+  "modified": "2025-01-19T15:30:46Z",
+  "published": "2025-01-19T15:30:46Z",
+  "aliases": [
+    "CVE-2024-41743"
+  ],
+  "details": "IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41743"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.ibm.com/support/pages/node/7172103"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-770"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-19T15:15:20Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-6mh8-832j-gc49/GHSA-6mh8-832j-gc49.json b/advisories/unreviewed/2025/01/GHSA-6mh8-832j-gc49/GHSA-6mh8-832j-gc49.json
@@ -0,0 +1,34 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-6mh8-832j-gc49",
+  "modified": "2025-01-19T15:30:46Z",
+  "published": "2025-01-19T15:30:46Z",
+  "aliases": [
+    "CVE-2024-41783"
+  ],
+  "details": "IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41783"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.ibm.com/support/pages/node/7176189"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-19T15:15:21Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-frrr-v394-xgfj/GHSA-frrr-v394-xgfj.json b/advisories/unreviewed/2025/01/GHSA-frrr-v394-xgfj/GHSA-frrr-v394-xgfj.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-frrr-v394-xgfj",
+  "modified": "2025-01-19T15:30:45Z",
+  "published": "2025-01-19T15:30:45Z",
+  "aliases": [
+    "CVE-2024-38337"
+  ],
+  "details": "IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38337"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.ibm.com/support/pages/node/7179166"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-732"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-19T15:15:19Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-r8mh-xxfv-4jwj/GHSA-r8mh-xxfv-4jwj.json b/advisories/unreviewed/2025/01/GHSA-r8mh-xxfv-4jwj/GHSA-r8mh-xxfv-4jwj.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-r8mh-xxfv-4jwj",
+  "modified": "2025-01-19T15:30:45Z",
+  "published": "2025-01-19T15:30:45Z",
+  "aliases": [
+    "CVE-2024-41742"
+  ],
+  "details": "IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41742"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.ibm.com/support/pages/node/7172103"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-770"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-19T15:15:20Z"
+  }
+}
