Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-15 | CVE-2023-40378 | Unspecified vulnerability in IBM I IBM Directory Server for IBM i contains a local privilege escalation vulnerability. | 7.8 |
| 2023-10-14 | CVE-2023-30994 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-10-14 | CVE-2022-43740 | Resource Exhaustion vulnerability in IBM Security Verify Access Oidc Provider IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption. | 7.5 |
| 2023-10-14 | CVE-2023-35024 | Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. | 7.6 |
| 2023-10-14 | CVE-2022-33165 | Path Traversal vulnerability in IBM Security Directory Integrator 7.2.0 IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-10-06 | CVE-2022-33160 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Directory Suite VA 8.0.1 IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-10-06 | CVE-2023-35897 | Uncontrolled Search Path Element vulnerability in IBM Storage Protect and Storage Protect Client IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. | 7.8 |
| 2023-10-04 | CVE-2022-22447 | Unspecified vulnerability in IBM Disconnected LOG Collector 1.0/1.8.2 IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. | 7.5 |
| 2023-09-28 | CVE-2023-40375 | Improper Privilege Management vulnerability in IBM I Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. | 7.8 |
| 2023-09-28 | CVE-2023-43044 | Path Traversal vulnerability in IBM License Metric Tool IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. | 7.5 |