Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50307
IBM Sterling B2B Integrator 6.0.0.0 up to and including 6.0.3.9, 6.1.0.0 up to and including 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...
NA
CVE-2024-22357
IBM Sterling B2B Integrator 6.0.0.0 up to and including 6.0.3.9, 6.1.0.0 up to and including 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...
NA
CVE-2023-45186
IBM Sterling B2B Integrator 6.0.0.0 up to and including 6.0.3.9, 6.1.0.0 up to and including 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functio...
NA
CVE-2023-50949
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation. IBM X-Force ID: 275706.
NA
CVE-2024-31871
IBM Security Verify Access Appliance 10.0.0 up to and including 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Python scripts due to improper certificate validation. IBM X-Force ID: 287306.
NA
CVE-2024-31872
IBM Security Verify Access Appliance 10.0.0 up to and including 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation. IBM X-Force ID: 287316.
NA
CVE-2024-31873
IBM Security Verify Access Appliance 10.0.0 up to and including 10.0.7 contains hard-coded credentials which it uses for its own inbound authentication that could be obtained by a malicious actor. IBM X-Force ID: 287317.
NA
CVE-2024-31874
IBM Security Verify Access Appliance 10.0.0 up to and including 10.0.7 uses uninitialized variables when deploying that could allow a local user to cause a denial of service. IBM X-Force ID: 287318.
NA
CVE-2024-22328
IBM Maximo Application Suite 8.10 and 8.11 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 2799...
1 Github repository
NA
CVE-2024-25029
IBM Personal Communications 14.0.6 up to and including 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »