Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-08 | CVE-2024-38330 | Unspecified vulnerability in IBM I 7.2/7.3/7.4 IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due to an unqualified library program call. | 7.8 |
| 2024-06-30 | CVE-2024-31902 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2024-06-28 | CVE-2024-35116 | Allocation of Resources Without Limits or Throttling vulnerability in IBM MQ IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. | 7.5 |
| 2024-06-28 | CVE-2024-38322 | Information Exposure Through Discrepancy vulnerability in IBM Storage Defender Resiliency Service IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. | 7.5 |
| 2024-06-28 | CVE-2024-31912 | Unspecified vulnerability in IBM MQ 9.3.0 IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. | 8.8 |
| 2024-06-28 | CVE-2024-31919 | Unspecified vulnerability in IBM MQ IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used. | 7.5 |
| 2024-06-27 | CVE-2023-30997 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. | 7.8 |
| 2024-06-27 | CVE-2023-30998 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. | 7.8 |
| 2024-06-27 | CVE-2023-38371 | Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1 IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2024-06-27 | CVE-2024-31916 | Missing Authentication for Critical Function vulnerability in IBM Openbmc IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. | 7.5 |