Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-50940
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 275130.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
9.8
CVSSv3
CVE-2024-23619
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote, unauthenticated attacker can exploit this vulnerability to achieve information disclosure or remote code execution.
Ibm Merge Efilm Workstation
9.8
CVSSv3
CVE-2024-23621
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.
Ibm Merge Efilm Workstation
9.8
CVSSv3
CVE-2024-23622
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.
Ibm Merge Efilm Workstation
9.8
CVSSv3
CVE-2023-50948
IBM Storage Fusion HCI 2.1.0 up to and including 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
Ibm Storage Fusion Hci
9.8
CVSSv3
CVE-2023-42017
IBM Planning Analytics Local 2.0 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, whic...
Ibm Planning Analytics 2.0
9.8
CVSSv3
CVE-2023-35895
IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116.
Ibm Informix Jdbc 4.50
Ibm Informix Jdbc 4.10
9.8
CVSSv3
CVE-2023-46158
IBM WebSphere Application Server Liberty 23.0.0.9 up to and including 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.
Ibm Websphere Application Server Liberty
9.8
CVSSv3
CVE-2022-22466
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222.
Ibm Security Verify Governance
9.8
CVSSv3
CVE-2023-33836
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.
Ibm Security Verify Governance
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »