Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-45165 Unspecified vulnerability in IBM AIX 7.2/7.3
IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service.
local
low complexity
ibm
5.5
2023-12-20 CVE-2023-47703 Information Exposure Through an Error Message vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.3
2023-12-20 CVE-2023-47705 Improper Input Validation vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation.
network
low complexity
ibm CWE-20
4.3
2023-12-20 CVE-2023-47707 Cross-site Scripting vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0
IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-12-20 CVE-2023-42012 Unspecified vulnerability in IBM Urbancode Deploy
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.
local
low complexity
ibm
5.5
2023-12-20 CVE-2023-42013 Information Exposure Through an Error Message vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.3
2023-12-20 CVE-2023-47161 Improper Input Validation vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.
network
low complexity
ibm CWE-20
6.5
2023-12-19 CVE-2023-45172 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service.
local
low complexity
ibm
5.5
2023-12-19 CVE-2023-47146 Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM Qradar SIEM 7.5 could allow a privileged user to obtain sensitive domain information due to data being misidentified.
network
low complexity
ibm
6.5
2023-12-19 CVE-2023-42015 Cross-site Scripting vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
4.3