Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-28 | CVE-2024-35116 | Allocation of Resources Without Limits or Throttling vulnerability in IBM MQ IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. | 7.5 |
| 2024-06-28 | CVE-2024-38322 | Information Exposure Through Discrepancy vulnerability in IBM Storage Defender Resiliency Service IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. | 7.5 |
| 2024-06-28 | CVE-2024-31912 | Unspecified vulnerability in IBM MQ 9.3.0 IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. | 8.8 |
| 2024-06-28 | CVE-2024-31919 | Unspecified vulnerability in IBM MQ IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used. | 7.5 |
| 2024-06-27 | CVE-2023-30997 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. | 7.8 |
| 2024-06-27 | CVE-2023-30998 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. | 7.8 |
| 2024-06-27 | CVE-2023-38371 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2024-06-27 | CVE-2024-31916 | Missing Authentication for Critical Function vulnerability in IBM Openbmc IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. | 7.5 |
| 2024-06-20 | CVE-2024-37532 | Improper Verification of Cryptographic Signature vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. | 8.8 |
| 2024-06-19 | CVE-2024-38329 | Unspecified vulnerability in IBM Storage Protect for Virtual Environments IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. | 7.7 |