Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-26 | CVE-2022-41739 | Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0 IBM Spectrum Scale (IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0) could allow programs running inside the container to overcome isolation mechanism and gain additional capabilities or access sensitive information on the host. | 8.4 |
| 2023-04-07 | CVE-2022-33959 | Unspecified vulnerability in IBM Sterling Order Management 10 IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. | 8.1 |
| 2023-04-07 | CVE-2022-43914 | Unspecified vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-04-07 | CVE-2022-43928 | Unspecified vulnerability in IBM DB2 Mirror for I 7.4/7.5 The IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. | 6.5 |
| 2023-04-07 | CVE-2023-27876 | Unspecified vulnerability in IBM Tririga Application Platform 4.0 IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. | 7.1 |
| 2023-04-07 | CVE-2022-34333 | Unspecified vulnerability in IBM Sterling Order Management 10 IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
| 2023-04-02 | CVE-2023-26283 | Unspecified vulnerability in IBM Websphere Application Server 9.0 IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-04-02 | CVE-2023-27284 | Unspecified vulnerability in IBM Aspera Cargo and Aspera Connect IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. | 9.8 |
| 2023-04-02 | CVE-2023-27286 | Unspecified vulnerability in IBM Aspera Cargo and Aspera Connect IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. | 9.8 |
| 2023-03-22 | CVE-2022-43863 | Improper Privilege Management vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. | 7.2 |