Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-22 | CVE-2023-50308 | Unspecified vulnerability in IBM DB2: IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. | 6.5 |
2024-01-19 | CVE-2023-32337 | Server-Side Request Forgery (SSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management: IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). | 5.4 |
2024-01-19 | CVE-2023-47718 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management: IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
2024-01-19 | CVE-2023-50963 | Unspecified vulnerability in IBM Storage Defender Data Protect 1.4.1: IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
2024-01-19 | CVE-2023-35020 | Unspecified vulnerability in IBM Sterling Control Center 6.3.0: IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
2024-01-19 | CVE-2023-38738 | Unspecified vulnerability in IBM Openpages With Watson 9.0: IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in an OpenPages environment using Native authentication. | 8.1 |
2024-01-19 | CVE-2023-40683 | Unspecified vulnerability in IBM Openpages With Watson 9.0: IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to bypass security restrictions, caused by insufficient authorization checks. | 8.8 |
2024-01-18 | CVE-2024-22317 | Unspecified vulnerability in IBM APP Connect Enterprise: IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. | 9.1 |
2024-01-17 | CVE-2023-50950 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0: IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. | 5.3 |
2024-01-11 | CVE-2023-31001 | Unspecified vulnerability in IBM products: IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. | 5.5 |