Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 89 ms.

CVE-2023-35898: Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-35898)

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352.

CVE
Open in Source
#vulnerability#windows#linux#auth#ibm
CVE-2023-38361: Security Bulletin: "Weak or Unsupported ciphers" vulnerability may affect IBM CICS TX Advanced 10.1

IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 260770.

CVE-2023-42022: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-42022)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938.

CVE-2023-43021: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-43021)

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.

CVE-2023-46174: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-46174)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506.

CVE-2022-43903: IBM Security Guardium is affected by an Hazardous Input Validation vulnerability (CVE-2022-43903)

IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.

CVE-2023-37404: Security Bulletin: IBM Instana Observability is vulnerable to arbitrary code execution

IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789.

CVE-2022-43868: IBM Security Verify Access OpenID Connect Provider container has fixed multiple vulnerabilities (CVE-2022-43868, CVE-2022-43739, CVE-2022-43740)

IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445.

CVE-2023-35893: IBM Security Guardium is affected by a Command injection in CLI vulnerability [CVE-2023-35893]

IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.

CVE-2023-33852: IBM Security Guardium is affected by an SQL Injection vulnerability (CVE-2023-33852)

IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.