Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-46176 | Unspecified vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. | 7.8 |
| 2023-11-03 | CVE-2023-42027 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-11-03 | CVE-2023-42029 | Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. | 5.4 |
| 2023-11-03 | CVE-2023-43018 | Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1 IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |
| 2023-10-29 | CVE-2023-40685 | Improper Privilege Management vulnerability in IBM I Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. | 7.8 |
| 2023-10-29 | CVE-2023-40686 | Improper Privilege Management vulnerability in IBM I Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. | 7.8 |
| 2023-10-29 | CVE-2023-43041 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. | 4.9 |
| 2023-10-25 | CVE-2023-42031 | Resource Exhaustion vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. | 4.9 |
| 2023-10-25 | CVE-2023-46158 | Insufficient Session Expiration vulnerability in IBM Websphere Application Server Liberty 23.0.0.10/23.0.0.9 IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. | 9.8 |
| 2023-10-23 | CVE-2022-22466 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |