91
|
- |
|
-
|
-
|
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-47712
|
2024-09-21 04:15 |
2024-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
92
|
- |
|
-
|
-
|
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not corr…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-47742
|
2024-09-21 04:15 |
2024-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
93
|
- |
|
-
|
-
|
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.
Update
|
CWE-863
Incorrect Authorization
|
CVE-2023-47716
|
2024-09-21 04:15 |
2024-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
94
|
7.2 |
HIGH
Network
|
ibm
|
storage_defender_resiliency_service
|
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-50957
|
2024-09-21 04:15 |
2024-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
95
|
8.8 |
HIGH
Adjacent
|
ibm
|
tivoli_application_dependency_discovery_manager
|
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2023-47142
|
2024-09-21 04:15 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
96
|
8.8 |
HIGH
Network
|
ibm
|
openpages_with_watson
|
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-pu…
Update
|
CWE-285
Improper Authorization
|
CVE-2023-40683
|
2024-09-21 04:15 |
2024-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
97
|
5.5 |
MEDIUM
Local
|
ibm
|
aix vios
|
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.
Update
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-40371
|
2024-09-21 04:15 |
2023-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
98
|
6.5 |
MEDIUM
Network
|
brainstormforce
|
starter_templates
|
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5;…
Update
|
CWE-862
Missing Authorization
|
CVE-2023-41805
|
2024-09-21 04:07 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
99
|
8.8 |
HIGH
Network
|
brainstormforce
|
astra
|
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
Update
|
CWE-862
Missing Authorization
|
CVE-2023-44148
|
2024-09-21 04:05 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
100
|
7.5 |
HIGH
Network
conduit
|
conduit
|
Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
Update
|
CWE-346
Origin Validation Error
|
CVE-2024-6301
|
2024-09-21 03:58 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|