Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-27286
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Ibm Aspera Connect
Ibm Aspera Cargo
9.8
CVSSv3
CVE-2023-25684
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM...
Ibm Security Key Lifecycle Manager 3.0
Ibm Security Key Lifecycle Manager 3.0.1
Ibm Security Key Lifecycle Manager 4.0
Ibm Security Key Lifecycle Manager 4.1.1
Ibm Security Key Lifecycle Manager 4.1
9.8
CVSSv3
CVE-2022-47986
IBM Aspera Faspex 4.4.2 Patch Level 1 and previous versions could allow a remote malicious user to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execu...
Ibm Aspera Faspex
Ibm Aspera Faspex 4.4.2
4 Github repositories
1 Article
9.8
CVSSv3
CVE-2022-41731
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402...
Ibm Watson Knowledge Catalog On Cloud Pak For Data 4.5.0
9.8
CVSSv3
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote malicious user to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
9.8
CVSSv3
CVE-2022-40615
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 23...
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.1
9.8
CVSSv3
CVE-2022-22338
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Sterling B2b Integrator
Ibm Sterling B2b Integrator 6.1.2.0
9.8
CVSSv3
CVE-2022-40752
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687.
Ibm Infosphere Information Server 11.7
Ibm Infosphere Information Server On Cloud 11.7
9.8
CVSSv3
CVE-2022-34331
After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. IBM X-Force ID: 229695.
Ibm Powervm Hypervisor Fw950
Ibm Powervm Hypervisor Fw1010
9.8
CVSSv3
CVE-2022-22425
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."
Ibm Infosphere Information Server 11.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »