Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2023-43064 | Unspecified vulnerability in IBM I Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. | 7.8 |
| 2023-12-25 | CVE-2023-49880 | Unspecified vulnerability in IBM Financial Transaction Manager 3.2.4 In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. | 7.5 |
| 2023-12-20 | CVE-2023-47704 | Unspecified vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. | 7.5 |
| 2023-12-20 | CVE-2023-47706 | Unspecified vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. | 8.8 |
| 2023-12-18 | CVE-2023-46177 | Unspecified vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-12-14 | CVE-2023-45185 | Unspecified vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. | 8.8 |
| 2023-12-14 | CVE-2023-45184 | Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. | 7.5 |
| 2023-12-14 | CVE-2022-43843 | Unspecified vulnerability in IBM Spectrum Scale 5.1.5.0/5.1.5.1 IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-12-14 | CVE-2023-43042 | Unspecified vulnerability in IBM Storage Virtualize 8.3 IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. | 7.5 |
| 2023-12-13 | CVE-2023-45166 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to obtain elevated privileges. | 7.8 |