Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-12 CVE-2023-28522 Incorrect Permission Assignment for Critical Resource vulnerability in IBM API Connect 10.0.0.0/10.0.1.0/10.0.1.1
IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to.
network
low complexity
ibm CWE-732
8.8
2023-05-11 CVE-2023-27870 Unspecified vulnerability in IBM Spectrum Virtualize 8.5
IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress.
network
low complexity
ibm
7.5
2023-05-06 CVE-2022-22313 Unspecified vulnerability in IBM Qradar Data Synchronization 1.0/3.0.1
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
2023-05-05 CVE-2023-26285 Unspecified vulnerability in IBM MQ Appliance
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data.
network
low complexity
ibm
7.5
2023-05-04 CVE-2023-23470 SQL Injection vulnerability in IBM I
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing.
network
low complexity
ibm CWE-89
7.2
2023-05-04 CVE-2023-24958 Unspecified vulnerability in IBM products
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution.
network
low complexity
ibm
8.8
2023-04-29 CVE-2023-30441 Unspecified vulnerability in IBM products
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations.
network
low complexity
ibm
7.5
2023-04-29 CVE-2022-41736 Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0
IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local user to obtain root privileges.
local
low complexity
ibm
7.8
2023-04-28 CVE-2023-26021 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause.
network
low complexity
ibm
7.5
2023-04-28 CVE-2023-26022 Unspecified vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module.
network
low complexity
ibm
7.5