Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37407
IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated malicious user to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 260116.
NA
CVE-2024-25047
IBM Cognos Analytics 11.2.0 up to and including 11.2.4 and 12.0.0 up to and including 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.
NA
CVE-2023-47727
IBM Cloud Pak for Security 1.10.0.0 up to and including 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 up to and including 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.
NA
CVE-2024-28764
IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623.
NA
CVE-2024-25015
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278.
NA
CVE-2022-38386
IBM Cloud Pak for Security (CP4S) 1.10.0.0 up to and including 1.10.11.0 and IBM QRadar Suite for Software 1.10.12.0 up to and including 1.10.19.0 does not set the SameSite attribute for sensitive cookies which could allow an malicious user to obtain sensitive information using m...
NA
CVE-2024-28775
IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
NA
CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcrypt_card. The r...
NA
CVE-2023-38002
IBM Storage Scale 5.1.0.0 up to and including 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: 260208.
NA
CVE-2024-25050
IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with adm...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »