Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-15 | CVE-2023-47147 | External Control of File Name or Path vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. | 5.3 |
2024-03-15 | CVE-2023-47699 | Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 6.1 |
2024-03-15 | CVE-2023-46179 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2024-03-15 | CVE-2023-46182 | Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 5.4 |
2024-03-15 | CVE-2023-47162 | Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 6.1 |
2024-03-14 | CVE-2024-22346 | Unspecified vulnerability in IBM I Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. | 7.8 |
2024-03-14 | CVE-2024-27265 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Integration BUS 10.1 IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
2024-03-14 | CVE-2024-27266 | XXE vulnerability in IBM Maximo Application Suite 7.6.1.3 IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
2024-03-01 | CVE-2023-28525 | Cross-site Scripting vulnerability in IBM products IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. | 4.8 |
2024-03-01 | CVE-2023-28949 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |