Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 71 ms.

CVE-2023-23481: Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to cross-site scripting (CVE-2023-23481)

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245889.

CVE
Open in Source
#xss#vulnerability#web#linux#java#ibm
CVE-2023-23480: Security Bulletin: IBM Partner Engagement Manager is vulnerable to cross-site scripting (CVE-2023-23480)

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245885.

CVE-2023-28513: Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2023-28513)

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.

CVE-2023-26273: Security Bulletin: IBM QRadar SIEM is vulnerable to Hazardous Input Validation (CVE-2023-26273)

IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 248134.

CVE-2023-35896: IBM Content Navigator is vulnerable to Server Side Request Forgery leading to Arbitrary File Read due to Oracle Outside In Technology (CVE-2023-35896)

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.

CVE-2022-34352: Security Bulletin: IBM QRadar SIEM is vulnerable to information disclosure between tenants (CVE-2022-34352)

IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403.

CVE-2023-42006: Security Bulletin: IBM Administration Runtime Expert for i is vulnerable to an attacker obtaining sensitive information due to CVE-2023-42006

IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. IBM X-Force ID: 265266.

CVE-2023-42019: Security Bulletin: IBM InfoSphere Information Server is vulnerable to information disclosure (CVE-2023-42019)

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE-2023-43015: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-43015)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

CVE-2023-35892: XML External Entity Injection vulnerability affects IBM Financial Transaction Manager for SWIFT Services (CVE-2023-35892)

IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786.