Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm i 7.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23470
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to p...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-2022-43928
The IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could ...
Ibm Db2 Mirror For I 7.5
Ibm Db2 Mirror For I 7.4
NA
CVE-2022-43860
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: ...
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-2022-43857
IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filt...
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-2022-43858
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks by modifying a parameter thereby gaining a...
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-2022-43859
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface...
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-2022-34358
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 23...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
580
VMScore
CVE-2022-22495
IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941.
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
446
VMScore
CVE-2022-22481
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote malicious user to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system ...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
356
VMScore
CVE-2021-39056
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537.
Ibm I 7.2
Ibm I 7.1
Ibm I 7.3
Ibm I 7.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »