Vulnerabilities > IBM > Cics TX
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-14 | CVE-2022-34319 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cics TX 11.7 IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2022-11-14 | CVE-2022-34329 | Unspecified vulnerability in IBM Cics TX 11.7 IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. | 5.3 |
2022-11-14 | CVE-2022-38705 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
2022-10-07 | CVE-2022-34308 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. | 5.5 |
2022-08-01 | CVE-2022-34307 | Missing Encryption of Sensitive Data vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2022-07-08 | CVE-2022-34160 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. | 5.4 |
2022-07-08 | CVE-2022-34166 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. | 3.5 |
2022-07-08 | CVE-2022-34167 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. | 3.5 |
2022-07-08 | CVE-2022-34306 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
2022-06-24 | CVE-2022-31767 | OS Command Injection vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. | 10.0 |