Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-38728 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement.
network
low complexity
ibm
7.5
2023-10-16 CVE-2023-38740 Unspecified vulnerability in IBM DB2 11.5/11.5.5.0/11.5.6
IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement.
network
low complexity
ibm
7.5
2023-10-16 CVE-2023-30987 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases.
network
low complexity
ibm
7.5
2023-10-16 CVE-2023-38720 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement.
network
low complexity
ibm
7.5
2023-10-16 CVE-2023-38280 Improper Privilege Management vulnerability in IBM Hardware Management Console 10.1.1010.0/10.2.1030.0
IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell.
local
low complexity
ibm CWE-269
7.8
2023-10-16 CVE-2023-40377 Unspecified vulnerability in IBM I 7.2/7.3/7.4
Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
2023-10-16 CVE-2023-35018 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0/10.0.1
IBM Security Verify Governance 10.0 could allow a privileged user to upload arbitrary files due to improper file validation.
network
low complexity
ibm CWE-434
7.2
2023-10-15 CVE-2023-40378 Unspecified vulnerability in IBM I
IBM Directory Server for IBM i contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
2023-10-14 CVE-2023-30994 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2023-10-14 CVE-2022-43740 Resource Exhaustion vulnerability in IBM Security Verify Access Oidc Provider
IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption.
network
low complexity
ibm CWE-400
7.5