| 2024-02-26 | CVE-2022-34357 | IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. | 6.5 |
| 2024-02-26 | CVE-2023-30996 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. | 5.3 |
| 2024-02-26 | CVE-2023-32344 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. | 4.3 |
| 2024-02-26 | CVE-2023-38359 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 6.1 |
| 2024-02-26 | CVE-2023-43051 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 5.4 |
| 2024-02-23 | CVE-2022-43842 | Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2
IBM Aspera Console 3.4.0 through 3.4.2 is vulnerable to SQL injection. network low complexity ibm critical | 9.1 |
| 2024-02-21 | CVE-2023-33843 | Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. network low complexity ibm | 5.4 |
| 2024-02-21 | CVE-2023-50955 | Path Traversal vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. | 2.7 |
| 2024-02-20 | CVE-2023-50306 | Information Exposure Through Discrepancy vulnerability in IBM Common Licensing 9.0
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. | 3.3 |
| 2024-02-17 | CVE-2022-41737 | Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. | 6.5 |