Security
Headlines
HeadlinesLatestCVEs

Source

CVE

CVE-2023-22877: IBM InfoSphere Information Server CSV injection CVE-2023-22877 Vulnerability Report

IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368.

CVE
Open in Source
#vulnerability#ibm
CVE-2023-24959: IBM InfoSphere Information Systems information disclosure CVE-2023-24959 Vulnerability Report

IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.

CVE-2023-26272: IBM Guardium Data Encryption (GDE) has multiple security vulnerability (CVE-2023-26272,CVE-2023-26271,CVE-2023-26270)

IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 248133.

CVE-2023-4560: huntr – Security Bounties for any GitHub repository

Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.

CVE-2023-4561: huntr – Security Bounties for any GitHub repository

Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.

CVE-2022-43904

IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.

CVE-2022-43909: IBM Security Guardium is affected by multiple vulnerabilities

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.

CVE-2023-30436: IBM Security Guardium cross-site scripting CVE-2023-30436 Vulnerability Report

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.

CVE-2023-30435: IBM Security Guardium cross-site scripting CVE-2023-30435 Vulnerability Report

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.

CVE-2023-30437: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2023-30435, CVE-2023-30436, CVE-2023-30437)

IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.