Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-18 | CVE-2023-40363 | Incorrect Default Permissions vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. | 6.5 |
| 2023-11-13 | CVE-2023-38363 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2023-11-13 | CVE-2023-38364 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. | 6.1 |
| 2023-11-11 | CVE-2023-43057 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-11-10 | CVE-2023-45167 | Unspecified vulnerability in IBM AIX and Vios IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. | 5.5 |
| 2023-11-03 | CVE-2023-45189 | Unspecified vulnerability in IBM Robotic Process Automation for Cloud PAK A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. | 6.5 |
| 2023-11-03 | CVE-2023-35896 | Server-Side Request Forgery (SSRF) vulnerability in IBM Content Navigator 3.0.13 IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2023-11-03 | CVE-2023-46176 | Unspecified vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. | 7.8 |
| 2023-11-03 | CVE-2023-42027 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-11-03 | CVE-2023-42029 | Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. | 5.4 |