CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Ibm Subscriptions

Filtered by product Security Guardium Subscriptions

Total 105 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-49336	1 Ibm	1 Security Guardium	2024-12-20	6.5 Medium
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2022-22307	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-12-13	4.4 Medium
IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: 216753.
CVE-2023-47717	1 Ibm	1 Security Guardium	2024-12-07	4.4 Medium
IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.
CVE-2023-42004	1 Ibm	1 Security Guardium	2024-11-21	8 High
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.
CVE-2023-47712	1 Ibm	1 Security Guardium	2024-11-21	7.8 High
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
CVE-2023-47710	1 Ibm	1 Security Guardium	2024-11-21	5.4 Medium
IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271525.
CVE-2023-35893	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	9.9 Critical
IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.
CVE-2023-33852	1 Ibm	1 Security Guardium	2024-11-21	7.6 High
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.
CVE-2023-30437	1 Ibm	1 Security Guardium	2024-11-21	5.3 Medium
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.
CVE-2023-30436	1 Ibm	1 Security Guardium	2024-11-21	5.5 Medium
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.
CVE-2023-30435	1 Ibm	1 Security Guardium	2024-11-21	8.9 High
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.
CVE-2023-0041	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	6.3 Medium
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.
CVE-2022-43910	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	8.4 High
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.
CVE-2022-43909	1 Ibm	1 Security Guardium	2024-11-21	4.6 Medium
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.
CVE-2022-43908	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	4.3 Medium
IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.
CVE-2022-43907	1 Ibm	1 Security Guardium	2024-11-21	7.2 High
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.
CVE-2022-43906	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	3.1 Low
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.
CVE-2022-43904	1 Ibm	1 Security Guardium	2024-11-21	7.5 High
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.
CVE-2022-43903	2 Ibm, Linux	2 Security Guardium, Linux Kernel	2024-11-21	4.3 Medium
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.
CVE-2022-39166	1 Ibm	1 Security Guardium	2024-11-21	4.4 Medium
IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.

Page 1 of 6. next last »