Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-38957 | Improper Input Validation vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0 IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. | 7.5 |
| 2022-01-10 | CVE-2021-38990 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. | 7.8 |
| 2022-01-05 | CVE-2021-38918 | Unspecified vulnerability in IBM Powervm Hypervisor IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. | 7.5 |
| 2021-12-14 | CVE-2021-38950 | Unspecified vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0 IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. | 7.8 |
| 2021-12-13 | CVE-2021-39049 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. | 7.8 |
| 2021-12-13 | CVE-2021-39050 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. | 7.8 |
| 2021-12-13 | CVE-2021-39057 | Server-Side Request Forgery (SSRF) vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). | 8.1 |
| 2021-12-13 | CVE-2021-38947 | Inadequate Encryption Strength vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-12-13 | CVE-2021-39053 | Unspecified vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console. | 7.5 |
| 2021-12-13 | CVE-2021-39058 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13 IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |