Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-04 | CVE-2023-32331 | Classic Buffer Overflow vulnerability in IBM Sterling Connect:Express for Unix 1.5.0 IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. | 7.5 |
| 2024-03-04 | CVE-2023-38360 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. | 6.1 |
| 2024-03-04 | CVE-2023-38362 | Information Exposure Through Discrepancy vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. | 5.3 |
| 2024-03-03 | CVE-2023-27291 | Unspecified vulnerability in IBM Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. | 7.5 |
| 2024-03-03 | CVE-2023-28512 | Unspecified vulnerability in IBM Watson Cp4D Data Stores 4.6.0/4.6.1/4.6.2 IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. | 5.9 |
| 2024-03-03 | CVE-2023-43054 | Unspecified vulnerability in IBM Engineering Test Management 7.0.2/7.0.3 IBM Engineering Test Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-03-03 | CVE-2024-22355 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.9 |
| 2024-03-03 | CVE-2023-47745 | Unspecified vulnerability in IBM MQ Operator IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. | 5.5 |
| 2024-03-03 | CVE-2024-27255 | Unspecified vulnerability in IBM MQ Operator IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2024-03-01 | CVE-2023-28525 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. | 4.8 |