Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-31 | CVE-2023-50959 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account. | 6.5 |
| 2024-03-31 | CVE-2024-25027 | Unspecified vulnerability in IBM Security Verify Access 10.0.6 IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. | 5.5 |
| 2024-03-27 | CVE-2023-50961 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-03-27 | CVE-2024-27270 | Unspecified vulnerability in IBM Websphere Application Server 24.0.0.3 IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. | 6.1 |
| 2024-03-27 | CVE-2024-28784 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. | 5.4 |
| 2024-03-26 | CVE-2024-22356 | Improper Encoding or Escaping of Output vulnerability in IBM APP Connect Enterprise and Integration BUS IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. | 4.9 |
| 2024-03-22 | CVE-2022-32751 | Unspecified vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. | 5.3 |
| 2024-03-22 | CVE-2022-32753 | Unspecified vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. low complexity ibm | 6.5 |
| 2024-03-22 | CVE-2022-32754 | Unspecified vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 is vulnerable to cross-site scripting. | 4.8 |
| 2024-03-21 | CVE-2024-27277 | Unspecified vulnerability in IBM Storage Protect Plus 10.1.0 The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. | 5.5 |