Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-31003 Link Following vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls.
local
low complexity
ibm CWE-59
7.8
7.8
2024-01-11 CVE-2023-38267 Unspecified vulnerability in IBM products
IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed.
local
low complexity
ibm
5.5
5.5
2024-01-11 CVE-2023-45169 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service.
local
low complexity
ibm
5.5
5.5
2024-01-11 CVE-2023-45171 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service.
local
low complexity
ibm
5.5
5.5
2024-01-11 CVE-2023-45173 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service.
local
low complexity
ibm
5.5
5.5
2024-01-11 CVE-2023-45175 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service.
local
low complexity
ibm
5.5
5.5
2024-01-08 CVE-2023-47140 Unspecified vulnerability in IBM Cics Transaction Gateway 9.3
IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls.
network
low complexity
ibm
8.1
8.1
2024-01-08 CVE-2023-50948 Use of Hard-coded Credentials vulnerability in IBM Storage Fusion HCI 2.1.0/2.6.1
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
network
low complexity
ibm CWE-798
critical
 9.8
9.8
2024-01-07 CVE-2023-47145 Unspecified vulnerability in IBM DB2
IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality.
local
low complexity
ibm
7.8
7.8
2023-12-25 CVE-2021-38927 Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2
IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
6.1
6.1