Vulnerabilities > IBM > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-03 | CVE-2023-31004 | Man-in-the-Middle vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. | 9.0 |
| 2024-02-02 | CVE-2023-47143 | Improper Encoding or Escaping of Output vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 9.8 |
| 2024-02-02 | CVE-2024-22319 | Injection vulnerability in IBM Operational Decision Manager IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. | 9.8 |
| 2024-02-02 | CVE-2023-32333 | Improper Access Control vulnerability in IBM Maximo Asset Management 7.6.1.3 IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. | 9.8 |
| 2024-02-02 | CVE-2023-50940 | Incorrect Comparison vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. | 9.8 |
| 2024-01-26 | CVE-2024-23619 | Use of Hard-coded Credentials vulnerability in IBM Merge Efilm Workstation 4.2 A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. | 9.8 |
| 2024-01-26 | CVE-2024-23621 | Classic Buffer Overflow vulnerability in IBM Merge Efilm Workstation 4.2 A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. | 9.8 |
| 2024-01-26 | CVE-2024-23622 | Out-of-bounds Write vulnerability in IBM Merge Efilm Workstation 4.2 A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. | 9.8 |
| 2024-01-18 | CVE-2024-22317 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. | 9.1 |
| 2024-01-08 | CVE-2023-50948 | Use of Hard-coded Credentials vulnerability in IBM Storage Fusion HCI 2.1.0/2.6.1 IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |