Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2023-46183 Unspecified vulnerability in IBM Powervm Hypervisor
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information.
local
low complexity
ibm
4.4
2024-02-04 CVE-2023-33851 Unspecified vulnerability in IBM Powervm Hypervisor
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator.
network
low complexity
ibm
4.9
2024-02-04 CVE-2023-50947 Cross-site Scripting vulnerability in IBM products
IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2024-02-03 CVE-2023-32329 Insufficient Verification of Data Authenticity vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation.
local
low complexity
ibm CWE-345
5.5
2024-02-02 CVE-2023-47144 Cross-site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2024-02-02 CVE-2022-40744 Cross-site Scripting vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2024-02-02 CVE-2023-38019 Path Traversal vulnerability in IBM Soar Qradar Plugin APP
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
2024-02-02 CVE-2023-38020 Improper Output Neutralization for Logs vulnerability in IBM Soar Qradar Plugin APP
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files.
network
low complexity
ibm CWE-117
4.3
2024-02-02 CVE-2023-46159 Improper Input Validation vulnerability in IBM Storage Ceph 5.3Z1/5.3Z5/6.1Z1
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW.
network
low complexity
ibm CWE-20
6.5
2024-02-02 CVE-2023-50328 Exposure of Resource to Wrong Sphere vulnerability in IBM Powersc 1.3/2.0/2.1
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings.
network
low complexity
ibm CWE-668
5.3