Vulnerabilities > IBM > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-12 | CVE-2023-28522 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM API Connect 10.0.0.0/10.0.1.0/10.0.1.1 IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. | 8.8 |
2023-05-11 | CVE-2023-27870 | Unspecified vulnerability in IBM Spectrum Virtualize 8.5 IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. | 7.5 |
2023-05-06 | CVE-2022-22313 | Unspecified vulnerability in IBM Qradar Data Synchronization 1.0/3.0.1 IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2023-05-05 | CVE-2023-26285 | Unspecified vulnerability in IBM MQ Appliance IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. | 7.5 |
2023-05-04 | CVE-2023-23470 | SQL Injection vulnerability in IBM I IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. | 7.2 |
2023-05-04 | CVE-2023-24958 | Unspecified vulnerability in IBM products A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. | 8.8 |
2023-04-29 | CVE-2023-30441 | Unspecified vulnerability in IBM products IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. | 7.5 |
2023-04-29 | CVE-2022-41736 | Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0 IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local user to obtain root privileges. | 7.8 |
2023-04-28 | CVE-2023-26021 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. | 7.5 |
2023-04-28 | CVE-2023-26022 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. | 7.5 |