Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-06 | CVE-2024-22328 | Unspecified vulnerability in IBM Maximo Application Suite 8.10/8.11 IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2024-04-04 | CVE-2024-27268 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2024-03-31 | CVE-2024-22353 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2024-03-14 | CVE-2024-22346 | Unspecified vulnerability in IBM I Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. | 7.8 |
| 2024-03-14 | CVE-2024-27266 | Unspecified vulnerability in IBM Maximo Application Suite 7.6.1.3 IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
| 2024-03-13 | CVE-2023-32335 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. | 7.5 |
| 2024-03-04 | CVE-2023-32331 | Classic Buffer Overflow vulnerability in IBM Sterling Connect:Express for Unix 1.5.0 IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. | 7.5 |
| 2024-03-04 | CVE-2022-43890 | Unspecified vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. | 7.5 |
| 2024-03-03 | CVE-2023-27291 | Unspecified vulnerability in IBM Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. | 7.5 |
| 2024-03-03 | CVE-2024-27255 | Unspecified vulnerability in IBM MQ Operator IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |