Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-03 | CVE-2023-45178 | Unspecified vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. | 7.5 |
| 2023-12-01 | CVE-2023-40699 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. | 7.5 |
| 2023-12-01 | CVE-2023-38268 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-12-01 | CVE-2023-45168 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. | 7.8 |
| 2023-11-28 | CVE-2023-42004 | Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. | 8.8 |
| 2023-11-24 | CVE-2023-26279 | Improper Encoding or Escaping of Output vulnerability in IBM Qradar Wincollect 10.0/10.0.1/10.1.6 IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. | 7.8 |
| 2023-11-22 | CVE-2022-35638 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-11-18 | CVE-2023-38361 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-11-03 | CVE-2023-46176 | Unspecified vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. | 7.8 |
| 2023-11-03 | CVE-2023-42027 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |