Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2023-40370 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. | 5.3 |
| 2023-08-22 | CVE-2023-33850 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. | 7.5 |
| 2023-08-22 | CVE-2023-38732 | Information Exposure Through Log Files vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. | 4.3 |
| 2023-08-16 | CVE-2023-35009 | Information Exposure Through an Error Message vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. | 5.3 |
| 2023-08-16 | CVE-2023-35011 | Server-Side Request Forgery (SSRF) vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2023-08-16 | CVE-2023-35893 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-08-16 | CVE-2023-38737 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 7.5 |
| 2023-08-14 | CVE-2023-38721 | Unspecified vulnerability in IBM I The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. | 7.8 |
| 2023-08-14 | CVE-2023-38741 | Unspecified vulnerability in IBM Txseries for Multiplatform 8.1/8.2/9.1 IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. | 7.5 |
| 2023-08-02 | CVE-2022-40609 | Deserialization of Untrusted Data vulnerability in IBM SDK IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. | 9.8 |