Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2023-50327 Interpretation Conflict vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification.
network
low complexity
ibm CWE-436
5.3
5.3
2024-02-02 CVE-2023-50933 Cross-site Scripting vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
6.1
6.1
2024-02-02 CVE-2023-50936 Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm
8.8
8.8
2024-02-02 CVE-2023-50937 Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
7.5
2024-02-02 CVE-2023-50940 Incorrect Comparison vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains.
network
low complexity
ibm CWE-697
critical
 9.8
9.8
2024-02-02 CVE-2023-50939 Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
7.5
2024-01-26 CVE-2024-23619 Use of Hard-coded Credentials vulnerability in IBM Merge Efilm Workstation 4.2
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation.
network
low complexity
ibm CWE-798
critical
 9.8
9.8
2024-01-26 CVE-2024-23620 Improper Privilege Management vulnerability in IBM Merge Efilm Workstation 4.2
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation.
local
low complexity
ibm CWE-269
7.8
7.8
2024-01-26 CVE-2024-23621 Classic Buffer Overflow vulnerability in IBM Merge Efilm Workstation 4.2
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server.
network
low complexity
ibm CWE-120
critical
 9.8
9.8
2024-01-26 CVE-2024-23622 Out-of-bounds Write vulnerability in IBM Merge Efilm Workstation 4.2
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server.
network
low complexity
ibm CWE-787
critical
 9.8
9.8