Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-08 | CVE-2022-43855 | Unspecified vulnerability in IBM Spss Statistics 26.0.0.0/27.0.1.0/28.0.0.0 IBM SPSS Statistics 26.0, 27.0.1, and 28.0 could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. | 5.5 |
| 2024-03-05 | CVE-2022-22399 | Improper Encoding or Escaping of Output vulnerability in IBM Aspera Faspex 5.0.0/5.0.1 IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.5 |
| 2024-03-05 | CVE-2023-26282 | Unspecified vulnerability in IBM Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. high complexity ibm | 4.2 |
| 2024-03-04 | CVE-2023-38360 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. | 6.1 |
| 2024-03-04 | CVE-2023-38362 | Information Exposure Through Discrepancy vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. | 5.3 |
| 2024-03-03 | CVE-2023-28512 | Unspecified vulnerability in IBM Watson Cp4D Data Stores 4.6.0/4.6.1/4.6.2 IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. | 5.9 |
| 2024-03-03 | CVE-2023-43054 | Unspecified vulnerability in IBM Engineering Test Management 7.0.2/7.0.3 IBM Engineering Test Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-03-03 | CVE-2024-22355 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.9 |
| 2024-03-03 | CVE-2023-47745 | Unspecified vulnerability in IBM MQ Operator IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. | 5.5 |
| 2024-03-01 | CVE-2023-28525 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. | 4.8 |