Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-27 | CVE-2023-30437 | Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. | 5.3 |
| 2023-08-27 | CVE-2023-33852 | SQL Injection vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 is vulnerable to SQL injection. | 5.4 |
| 2023-08-27 | CVE-2023-38730 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Storage Copy Data Management IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-08-24 | CVE-2023-40371 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. | 5.5 |
| 2023-08-22 | CVE-2023-38733 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. | 4.3 |
| 2023-08-22 | CVE-2023-38734 | Improper Privilege Management vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. | 9.8 |
| 2023-08-22 | CVE-2023-40370 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. | 5.3 |
| 2023-08-22 | CVE-2023-33850 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. | 7.5 |
| 2023-08-22 | CVE-2023-38732 | Information Exposure Through Log Files vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. | 4.3 |
| 2023-08-16 | CVE-2023-35009 | Information Exposure Through an Error Message vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. | 5.3 |