2024-03-01 | CVE-2023-50305 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. local high complexity ibm | 5.1 |
2024-02-29 | CVE-2023-38367 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2) allows CRUD Operations with an invalid token. network low complexity ibm | 6.5 |
2024-02-28 | CVE-2023-50303 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. network low complexity ibm | 6.1 |
2024-02-26 | CVE-2022-34357 | IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. | 6.5 |
2024-02-26 | CVE-2023-30996 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. | 5.3 |
2024-02-26 | CVE-2023-32344 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. | 4.3 |
2024-02-26 | CVE-2023-38359 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 6.1 |
2024-02-26 | CVE-2023-43051 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 5.4 |
2024-02-21 | CVE-2023-33843 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. network low complexity ibm | 5.4 |
2024-02-17 | CVE-2023-50951 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. network low complexity ibm | 4.3 |