Filtered by vendor Ibm
Subscriptions
Total
7152 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-23620 | 1 Ibm | 1 Merge Efilm Workstation | 2024-08-01 | 8.8 High |
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM. | ||||
CVE-2024-23621 | 1 Ibm | 1 Merge Efilm Workstation | 2024-08-01 | 10 Critical |
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | ||||
CVE-2024-22353 | 1 Ibm | 1 Websphere Application Server | 2024-08-01 | 5.9 Medium |
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 280400. | ||||
CVE-2024-22319 | 1 Ibm | 1 Operational Decision Manager | 2024-08-01 | 8.1 High |
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145. | ||||
CVE-2024-22354 | 1 Ibm | 1 Websphere Application Server | 2024-08-01 | 7 High |
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, or to conduct a server-side request forgery attack. IBM X-Force ID: 280401. | ||||
CVE-2024-22346 | 1 Ibm | 1 I | 2024-08-01 | 8.4 High |
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203. | ||||
CVE-2024-22317 | 1 Ibm | 1 App Connect Enterprise | 2024-08-01 | 9.1 Critical |
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143. | ||||
CVE-2024-22338 | 1 Ibm | 1 Security Verify Access Oidc Provider | 2024-08-01 | 4 Medium |
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. IBM X-Force ID: 279978. | ||||
CVE-2024-22352 | 1 Ibm | 1 Infosphere Information Server | 2024-08-01 | 6.5 Medium |
IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 280361. | ||||
CVE-2024-22332 | 1 Ibm | 1 Integration Bus | 2024-08-01 | 6.5 Medium |
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972. | ||||
CVE-2024-22318 | 1 Ibm | 1 I Access Client Solutions | 2024-08-01 | 5.1 Medium |
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091. | ||||
CVE-2024-22313 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-08-01 | 6.2 Medium |
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749. | ||||
CVE-2024-22326 | 1 Ibm | 1 System Storage Ds8000 Management Console Firmware | 2024-08-01 | 5 Medium |
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection. IBM X-Force ID: 279518. | ||||
CVE-2024-22331 | 1 Ibm | 2 Devops Deploy, Urbancode Deploy | 2024-08-01 | 6.2 Medium |
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971. | ||||
CVE-2024-22312 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-08-01 | 4.4 Medium |
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748. | ||||
CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2024-08-01 | 7.8 High |
Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||||
CVE-1999-1589 | 1 Ibm | 1 Aix | 2024-08-01 | N/A |
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | ||||
CVE-1999-1574 | 1 Ibm | 1 Aix | 2024-08-01 | N/A |
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." | ||||
CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2024-08-01 | N/A |
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | ||||
CVE-1999-1583 | 1 Ibm | 1 Aix | 2024-08-01 | N/A |
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. |