Vulnerabilities > IBM > Security Guardium > 11.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2023-47709 | Unspecified vulnerability in IBM Security Guardium IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2024-05-14 | CVE-2023-47711 | Unspecified vulnerability in IBM Security Guardium IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. | 6.5 |
| 2023-11-28 | CVE-2023-42004 | Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. | 8.8 |
| 2023-09-05 | CVE-2022-43903 | Unspecified vulnerability in IBM Security Guardium 10.6/11.3/11.4 IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. | 6.5 |
| 2023-08-28 | CVE-2022-43904 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.3/11.4 IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. | 7.5 |
| 2023-08-27 | CVE-2023-30435 | Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-08-27 | CVE-2023-30436 | Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. | 5.4 |
| 2023-08-27 | CVE-2023-30437 | Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. | 5.3 |
| 2023-08-16 | CVE-2023-35893 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-07-19 | CVE-2022-43910 | Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. | 7.8 |