Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-24 CVE-2023-26279 Improper Encoding or Escaping of Output vulnerability in IBM Qradar Wincollect 10.0/10.0.1/10.1.6
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding.
local
low complexity
ibm CWE-116
7.8
2023-11-22 CVE-2022-35638 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm
8.8
2023-11-18 CVE-2023-38361 Unspecified vulnerability in IBM Cics TX 10.1
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
2023-11-03 CVE-2023-46176 Unspecified vulnerability in IBM MQ Appliance 9.3.0.0
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys.
local
low complexity
ibm
7.8
2023-11-03 CVE-2023-42027 Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2023-11-03 CVE-2023-43018 Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
network
low complexity
ibm CWE-269
7.5
2023-10-29 CVE-2023-40685 Improper Privilege Management vulnerability in IBM I
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability.
local
low complexity
ibm CWE-269
7.8
2023-10-29 CVE-2023-40686 Improper Privilege Management vulnerability in IBM I
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability.
local
low complexity
ibm CWE-269
7.8
2023-10-23 CVE-2023-33837 Unspecified vulnerability in IBM Security Verify Governance 10.0
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission.
network
low complexity
ibm
7.5
2023-10-23 CVE-2023-33839 OS Command Injection vulnerability in IBM Security Verify Governance 10.0/10.0.1
IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8