Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-08 | CVE-2023-33846 | Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatform IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2023-06-07 | CVE-2023-33848 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. | 6.5 |
| 2023-06-05 | CVE-2023-27861 | Cleartext Transmission of Sensitive Information vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0 IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. | 5.9 |
| 2023-06-05 | CVE-2023-32334 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. | 5.3 |
| 2023-05-19 | CVE-2023-22878 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2023-05-19 | CVE-2023-28529 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-05-19 | CVE-2023-28950 | Unspecified vulnerability in IBM MQ IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. | 5.5 |
| 2023-05-19 | CVE-2023-28514 | Information Exposure Through an Error Message vulnerability in IBM MQ IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. | 5.5 |
| 2023-05-12 | CVE-2023-27863 | Unspecified vulnerability in IBM Spectrum Protect 10.1.13 IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. | 4.9 |
| 2023-05-12 | CVE-2023-28520 | Cross-site Scripting vulnerability in IBM Planning Analytics Local 2.0.0 IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. | 5.4 |