Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2023-50963 | Open Redirect vulnerability in IBM Storage Defender Data Protect 1.4.1 IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
| 2024-01-19 | CVE-2023-35020 | Path Traversal vulnerability in IBM Sterling Control Center 6.3.0 IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2024-01-17 | CVE-2023-50950 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. | 5.3 |
| 2024-01-11 | CVE-2023-31001 | Storing Passwords in a Recoverable Format vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. | 5.5 |
| 2024-01-11 | CVE-2023-38267 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. | 5.5 |
| 2024-01-11 | CVE-2023-45169 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service. | 5.5 |
| 2024-01-11 | CVE-2023-45171 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. | 5.5 |
| 2024-01-11 | CVE-2023-45173 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. | 5.5 |
| 2024-01-11 | CVE-2023-45175 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. | 5.5 |
| 2023-12-25 | CVE-2021-38927 | Cross-site Scripting vulnerability in IBM Aspera Console 3.4.0/3.4.1/3.4.2 IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. | 6.1 |