Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2024-31881 | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. | 6.5 |
| 2024-06-12 | CVE-2024-28762 | Allocation of Resources Without Limits or Throttling vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. | 6.5 |
| 2024-06-07 | CVE-2024-31878 | Unspecified vulnerability in IBM I IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. | 5.3 |
| 2024-06-06 | CVE-2024-22326 | Missing Authentication for Critical Function vulnerability in IBM Ds8900F Firmware IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection. | 6.3 |
| 2024-05-31 | CVE-2024-31889 | Unspecified vulnerability in IBM Planning Analytics Local 2.0.0/2.1.0 IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-31 | CVE-2024-31907 | Unspecified vulnerability in IBM Planning Analytics Local 2.0.0/2.1.0 IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-31 | CVE-2024-31908 | Unspecified vulnerability in IBM Planning Analytics Local 2.0.0/2.1.0 IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-05-30 | CVE-2022-43384 | Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2 IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-30 | CVE-2022-43575 | Unspecified vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2 IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. | 5.4 |
| 2024-05-28 | CVE-2023-37411 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. | 5.4 |