Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-22 | CVE-2023-47141 | Unspecified vulnerability in IBM DB2 IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. | 6.5 |
2024-01-22 | CVE-2023-27859 | Unspecified vulnerability in IBM DB2 IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. | 6.5 |
2024-01-22 | CVE-2023-47158 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. | 6.5 |
2024-01-22 | CVE-2023-47747 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. | 6.5 |
2024-01-22 | CVE-2023-47746 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. | 6.5 |
2024-01-22 | CVE-2023-50308 | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. | 6.5 |
2024-01-19 | CVE-2023-32337 | Server-Side Request Forgery (SSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). | 5.4 |
2024-01-19 | CVE-2023-50963 | Unspecified vulnerability in IBM Storage Defender Data Protect 1.4.1 IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
2024-01-19 | CVE-2023-35020 | Unspecified vulnerability in IBM Sterling Control Center 6.3.0 IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
2024-01-17 | CVE-2023-50950 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. | 5.3 |