Headline

CVE-2022-40609: IBM SDK, Java Technology Edition code execution CVE-2022-40609 Vulnerability Report

IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.

1 year ago

CVE

Open in Source

#vulnerability #java #ibm

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.

1 year ago

CVE

Open in Source

#sql #xss #vulnerability #web #android #windows #dos #apache #nodejs #js #git #java #oracle #perl #log4j #hard_coded_credentials #oauth #auth #ibm #postgres #ssl

CVE-2023-30994: Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138

1 year ago

CVE

Open in Source

#sql #xss #vulnerability #web #mac #google #linux #dos #apache #js #git #java #oracle #ldap #vmware #graalvm #buffer_overflow #auth #ssh #ibm

CVE-2023-32338: Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.

1 year ago

CVE

Open in Source