Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2023-50314 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. | 7.5 |
| 2024-08-14 | CVE-2024-31882 | Injection vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. | 6.5 |
| 2024-08-14 | CVE-2024-35136 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. | 6.5 |
| 2024-08-14 | CVE-2024-35152 | Unspecified vulnerability in IBM DB2 11.5.8/11.5.9 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. | 6.5 |
| 2024-08-14 | CVE-2024-37529 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. | 6.5 |
| 2024-08-14 | CVE-2023-50315 | Unspecified vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. | 5.9 |
| 2024-08-14 | CVE-2024-27267 | Unspecified vulnerability in IBM Java SDK The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. | 5.9 |
| 2024-08-14 | CVE-2024-28799 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information. | 7.5 |
| 2024-08-13 | CVE-2024-35124 | Missing Authentication for Critical Function vulnerability in IBM Openbmc A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. | 7.5 |
| 2024-08-13 | CVE-2024-40697 | Weak Password Requirements vulnerability in IBM Common Licensing 9.0 IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |