ibm

8,286 tracked vulnerabilities.

CVE-2023-32333 MEDIUM
IBM Maximo Asset Management 7.6.1.3 - Unauthenticated Admin Panel Access
Feb 02, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-50940 MEDIUM
IBM PowerSC 1.3, 2.0, 2.1 - Permissive Cross-domain Security Policy with Untrusted Domains
Feb 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50937 MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Use of a Broken or Risky Cryptographic Algorithm
Feb 02, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-50936 MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Authenticated Session Fixation via Insufficient Session Expiration
Feb 02, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-50933 MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - HTML Injection
Feb 02, 2024
CVSS 6.1
EPSS 0.00
CVE-2023-50327 MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Unauthorized File Request Modification via Insecure HTTP Methods
Feb 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50326 HIGH
IBM PowerSC 1.3, 2.0, and 2.1 - Inadequate Account Lockout Setting
Feb 02, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-50939 MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Use of a Broken or Risky Cryptographic Algorithm
Feb 02, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-47141 MEDIUM
IBM Db2 < 11.5.9 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-47747 MEDIUM
IBM DB2 10.5.0.0-10.5.0.10 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-47158 MEDIUM
IBM DB2 10.5-11.5 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-47152 MEDIUM
IBM Db2 < 11.5.9 - Information Disclosure via Stack Trace
Jan 22, 2024
CVSS 5.9
EPSS 0.01
CVE-2023-27859 MEDIUM
IBM Db2 10.5.0.0-10.5.0.10 - Uncontrolled Search Path Element via Malicious JAR File Installation
Jan 22, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-50308 MEDIUM
IBM Db2 < 11.5.9 - Authenticated Denial of Service via Columnar Table Statement
Jan 22, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-47746 MEDIUM
IBM Db2 10.5.0.0-10.5.0.10 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-45193 MEDIUM
IBM Db2 < 11.5.9 - Denial of Service via Specially Crafted Cursor
Jan 22, 2024
CVSS 5.9
EPSS 0.01
CVE-2023-50963 MEDIUM
IBM Storage Defender - Data Protect 1.0.0-1.4.1 - HTTP Header Injection via HOST Header
Jan 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-47718 MEDIUM
IBM Maximo Asset Management 7.6.1.3 and Maximo Application Suite 8.10-8.11 - Cross-Site Request Forgery
Jan 19, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-32337 MEDIUM
IBM Maximo Spatial Asset Management 8.10 - Authenticated Server-Side Request Forgery
Jan 19, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-40683 HIGH
IBM OpenPages with Watson <9.0 - Auth Bypass
Jan 19, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-38738 MEDIUM
IBM OpenPages with Watson <9.0 - Privilege Escalation
Jan 19, 2024
CVSS 6.8
EPSS 0.01
CVE-2023-35020 MEDIUM
IBM Sterling Control Center 6.3.0 - Path Traversal via URL Request
Jan 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2023-50950 LOW
IBM QRadar SIEM 7.5 - Unauthorized Sensitive Email Information Exposure via Offense Rule Responses
Jan 17, 2024
CVSS 3.7
EPSS 0.00
CVE-2023-45171 MEDIUM
IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via Kernel Input Validation
Jan 11, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-45169 MEDIUM
IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via pmsvcs Kernel Extension
Jan 11, 2024
CVSS 6.2
EPSS 0.00