Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-22455
IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989.
Ibm Security Verify Governance 10.0
9.8
CVSSv3
CVE-2021-39085
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.5, 6.1.0.0 up to and including 6.1.0.4, and 6.1.1.0 up to and including 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the mali...
Ibm Sterling B2b Integrator
9.8
CVSSv3
CVE-2022-35280
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 230634.
Ibm Robotic Process Automation For Cloud Pak 21.0.2
Ibm Robotic Process Automation For Cloud Pak 21.0.1
Ibm Robotic Process Automation For Cloud Pak 21.0.0
9.8
CVSSv3
CVE-2020-4150
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174142.
Ibm Security Siteprotector System 3.1.1
9.8
CVSSv3
CVE-2022-22487
An IBM Spectrum Protect storage agent could allow a remote malicious user to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techn...
Ibm Spectrum Protect Server
9.8
CVSSv3
CVE-2022-31767
IBM CICS TX Standard and Advanced 11.1 could allow a remote malicious user to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980.
Ibm Cics Tx
Ibm Cics Tx 11.1
9.8
CVSSv3
CVE-2021-38945
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote malicious user to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
9.8
CVSSv3
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
9.8
CVSSv3
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
9.8
CVSSv3
CVE-2022-22485
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vu...
Ibm Spectrum Protect Operations Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »