Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-47161 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. | 6.5 |
| 2023-12-19 | CVE-2023-45172 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. | 5.5 |
| 2023-12-19 | CVE-2023-47146 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified. | 6.5 |
| 2023-12-19 | CVE-2023-42015 | Cross-site Scripting vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. | 4.3 |
| 2023-12-18 | CVE-2023-40691 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 may reveal sensitive information contained in application configuration to developer and administrator users. | 4.9 |
| 2023-12-18 | CVE-2023-47741 | Insufficiently Protected Credentials vulnerability in IBM DB2 Mirror for I and I IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. | 5.3 |
| 2023-12-18 | CVE-2023-46177 | Unspecified vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-12-14 | CVE-2023-45182 | Unspecified vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. | 6.5 |
| 2023-12-14 | CVE-2023-45185 | Unspecified vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. | 8.8 |
| 2023-12-14 | CVE-2023-45184 | Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. | 7.5 |