Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-28 | CVE-2023-24959 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. | 7.5 |
| 2023-08-28 | CVE-2023-26271 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Guardium Cloud KEY Manager IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2023-08-28 | CVE-2022-43904 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.3/11.4 IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. | 7.5 |
| 2023-08-27 | CVE-2022-43907 | OS Command Injection vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-08-27 | CVE-2023-38730 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Storage Copy Data Management IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-08-22 | CVE-2023-33850 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. | 7.5 |
| 2023-08-16 | CVE-2023-35893 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-08-16 | CVE-2023-38737 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 7.5 |
| 2023-08-14 | CVE-2023-38721 | Unspecified vulnerability in IBM I The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. | 7.8 |
| 2023-08-14 | CVE-2023-38741 | Unspecified vulnerability in IBM Txseries for Multiplatform 8.1/8.2/9.1 IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. | 7.5 |