Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2023-45171 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. | 5.5 |
| 2024-01-11 | CVE-2023-45173 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. | 5.5 |
| 2024-01-11 | CVE-2023-45175 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. | 5.5 |
| 2024-01-08 | CVE-2023-47140 | Unspecified vulnerability in IBM Cics Transaction Gateway 9.3 IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls. | 8.1 |
| 2024-01-08 | CVE-2023-50948 | Use of Hard-coded Credentials vulnerability in IBM Storage Fusion HCI 2.1.0/2.6.1 IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2024-01-07 | CVE-2023-47145 | Unspecified vulnerability in IBM DB2 IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. | 7.8 |
| 2023-12-25 | CVE-2021-38927 | Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2 IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-12-25 | CVE-2023-43064 | Unspecified vulnerability in IBM I Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. | 7.8 |
| 2023-12-25 | CVE-2023-49880 | Unspecified vulnerability in IBM Financial Transaction Manager 3.2.4 In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. | 7.5 |
| 2023-12-22 | CVE-2023-42017 | Unspecified vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. | 9.8 |