ReportizFlow
Filtered by vendor Ibm
Subscriptions
Total
7353 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-41773 | 1 Ibm | 1 Global Configuration Management | 2024-08-26 | 6.5 Medium |
| IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls. | ||||
| CVE-2024-41774 | 1 Ibm | 1 Common Licensing | 2024-08-24 | 4.8 Medium |
| IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348. | ||||
| CVE-2023-50314 | 1 Ibm | 1 Websphere Application Server | 2024-08-23 | 5.3 Medium |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713. | ||||
| CVE-2024-35152 | 1 Ibm | 1 Db2 | 2024-08-23 | 6.5 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. | ||||
| CVE-2024-37529 | 1 Ibm | 1 Db2 | 2024-08-23 | 6.5 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 294295. | ||||
| CVE-2024-35151 | 1 Ibm | 2 Openpages Grc Platform, Openpages With Watson | 2024-08-23 | 6.5 Medium |
| IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. | ||||
| CVE-2024-39744 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling Connect, Sterling Connect Direct Web Services and 2 more | 2024-08-23 | 4.3 Medium |
| IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
| CVE-2024-39745 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling Connect, Sterling Connect Direct Web Services and 2 more | 2024-08-23 | 5.9 Medium |
| IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2024-39746 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling Connect, Sterling Connect Direct Web Services and 2 more | 2024-08-23 | 5.9 Medium |
| IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | ||||
| CVE-2024-35124 | 1 Ibm | 1 Openbmc | 2024-08-22 | 7.5 High |
| A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674. | ||||
| CVE-2024-40697 | 1 Ibm | 1 Common Licensing | 2024-08-22 | 7.5 High |
| IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. | ||||
| CVE-2024-40705 | 1 Ibm | 1 Infosphere Information Server | 2024-08-19 | 6.5 Medium |
| IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279. | ||||
| CVE-2024-40704 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | 4.9 Medium |
| IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. | ||||