Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-27 CVE-2022-43907 OS Command Injection vulnerability in IBM Security Guardium 11.4
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
2023-08-27 CVE-2023-38730 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Storage Copy Data Management
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2023-08-22 CVE-2023-33850 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation.
network
low complexity
ibm
7.5
2023-08-16 CVE-2023-35893 OS Command Injection vulnerability in IBM Security Guardium
IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
2023-08-16 CVE-2023-38737 Resource Exhaustion vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request.
network
low complexity
ibm CWE-400
7.5
2023-08-14 CVE-2023-38721 Unspecified vulnerability in IBM I
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
2023-08-14 CVE-2023-38741 Unspecified vulnerability in IBM Txseries for Multiplatform 8.1/8.2/9.1
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations.
network
low complexity
ibm
7.5
2023-07-31 CVE-2022-43831 Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured.
local
low complexity
ibm
7.8
2023-07-31 CVE-2023-35019 OS Command Injection vulnerability in IBM Security Verify Governance 10.0
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
2023-07-19 CVE-2022-43910 Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls.
local
low complexity
ibm CWE-281
7.8