Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-12 | CVE-2024-22334 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. | 4.4 |
| 2024-04-12 | CVE-2024-22339 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. | 4.3 |
| 2024-04-12 | CVE-2024-22359 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. | 6.1 |
| 2024-04-10 | CVE-2024-31874 | Use of Uninitialized Resource vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.7 uses uninitialized variables when deploying that could allow a local user to cause a denial of service. | 5.5 |
| 2024-04-03 | CVE-2023-38729 | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. | 6.5 |
| 2024-04-03 | CVE-2023-52296 | Unspecified vulnerability in IBM DB2 11.5 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. | 5.3 |
| 2024-04-03 | CVE-2024-22360 | Unspecified vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. | 6.5 |
| 2024-04-03 | CVE-2024-25030 | Unspecified vulnerability in IBM DB2 11.1 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-04-03 | CVE-2024-25046 | Unspecified vulnerability in IBM DB2 11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. | 6.5 |
| 2024-04-03 | CVE-2024-27254 | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. | 6.5 |