Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-35898 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. | 6.5 |
| 2023-07-19 | CVE-2023-35900 | Unspecified vulnerability in IBM products IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. | 5.3 |
| 2023-07-17 | CVE-2023-35012 | Unspecified vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. | 6.7 |
| 2023-07-17 | CVE-2023-33857 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. | 5.3 |
| 2023-07-17 | CVE-2023-35901 | Improper Authentication vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. | 5.3 |
| 2023-07-16 | CVE-2023-30988 | Unspecified vulnerability in IBM I The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. | 7.8 |
| 2023-07-16 | CVE-2023-30989 | Unspecified vulnerability in IBM I IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. | 7.8 |
| 2023-07-10 | CVE-2023-23487 | Unspecified vulnerability in IBM DB2 11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to insufficient audit logging. | 4.3 |
| 2023-07-10 | CVE-2023-27540 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cloud PAK for Data and Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. | 7.5 |
| 2023-07-10 | CVE-2023-27558 | Improper Privilege Management vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. | 7.8 |