Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-4877
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using public fields in public classes. IBM X-Force ID: 190843.
Ibm Cognos Controller 10.4.0
Ibm Cognos Controller 10.4.1
Ibm Cognos Controller 10.4.2
9.8
CVSSv3
CVE-2021-39052
IBM Spectrum Copy Data Management 2.2.13 and previous versions could allow a remote malicious user to access the Spring Boot console without authorization. IBM X-Force ID: 214523.
Ibm Spectrum Copy Data Management
9.8
CVSSv3
CVE-2021-39065
IBM Spectrum Copy Data Management 2.2.13 and previous versions could allow a remote malicious user to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate func...
Ibm Spectrum Copy Data Management
9.8
CVSSv3
CVE-2021-41035
In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.
Eclipse Openj9
9.8
CVSSv3
CVE-2021-29908
The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authentication. IBM X-Force ID: 207747.
Ibm Ts7700 Firmware 8.51.0.63
Ibm Ts7700 Firmware 8.51.1.26
Ibm Ts7700 Firmware 8.52.100.32
9.8
CVSSv3
CVE-2021-29903
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 up to and including 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Sterling B2b Integrator
9.8
CVSSv3
CVE-2021-29798
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Sterling B2b Integrator
9.8
CVSSv3
CVE-2021-20578
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an malicious user to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 199282.
Ibm Cloud Pak For Security 1.7.0.0
Ibm Cloud Pak For Security 1.7.1.0
Ibm Cloud Pak For Security 1.7.2.0
9.8
CVSSv3
CVE-2020-4690
IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.
Ibm Security Guardium 11.3
9.8
CVSSv3
CVE-2021-29772
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. IBM X-Force ID: 202774.
Ibm Api Connect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »