Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-13 | CVE-2023-28517 | Unspecified vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.2 IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to cross-site scripting. | 5.4 |
| 2024-03-13 | CVE-2023-38723 | Unspecified vulnerability in IBM Maximo Application Suite 7.6.1.3 IBM Maximo Application Suite 7.6.1.3 is vulnerable to stored cross-site scripting. | 6.4 |
| 2024-03-08 | CVE-2022-43855 | Unspecified vulnerability in IBM Spss Statistics 26.0.0.0/27.0.1.0/28.0.0.0 IBM SPSS Statistics 26.0, 27.0.1, and 28.0 could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. | 5.5 |
| 2024-03-07 | CVE-2023-46169 | Unspecified vulnerability in IBM Ds8900F Firmware IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. | 6.5 |
| 2024-03-07 | CVE-2023-46171 | Unspecified vulnerability in IBM Ds8900F Firmware IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. | 4.3 |
| 2024-03-05 | CVE-2022-22399 | Improper Encoding or Escaping of Output vulnerability in IBM Aspera Faspex 5.0.0/5.0.1 IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.5 |
| 2024-03-05 | CVE-2023-25681 | Unspecified vulnerability in IBM Spectrum Virtualize 8.5.0.0 LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. | 6.5 |
| 2024-03-05 | CVE-2023-26282 | Unspecified vulnerability in IBM Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. high complexity ibm | 4.2 |
| 2024-03-04 | CVE-2023-38360 | Unspecified vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. | 6.1 |
| 2024-03-04 | CVE-2023-38362 | Information Exposure Through Discrepancy vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. | 5.3 |