Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-17 | CVE-2022-41734 | Cleartext Storage of Sensitive Information vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2023-02-17 | CVE-2022-43930 | Information Exposure Through Log Files vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. | 7.5 |
| 2023-02-17 | CVE-2022-36775 | Injection vulnerability in IBM products IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.5 |
| 2023-02-17 | CVE-2022-43927 | Improper Privilege Management vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. | 7.5 |
| 2023-02-17 | CVE-2022-43929 | Unspecified vulnerability in IBM DB2 11.1/11.5 IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. | 7.5 |
| 2023-02-17 | CVE-2023-22868 | Unspecified vulnerability in IBM Aspera Faspex 4.4.1 IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-17 | CVE-2023-24964 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. | 5.5 |
| 2023-02-17 | CVE-2022-47986 | Unspecified vulnerability in IBM Aspera Faspex 4.4.1/4.4.2 IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. | 9.8 |
| 2023-02-12 | CVE-2022-41731 | Unspecified vulnerability in IBM Watson Knowledge Catalog on Cloud PAK for Data 4.5.0 IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. | 9.8 |
| 2023-02-12 | CVE-2022-42436 | Unspecified vulnerability in IBM MQ IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. | 3.3 |