U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:ibm:aix:-:*:*:*:*:*:x86:*
  • CPE Name Search: true
There are 332 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2023-40699

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

Published: December 01, 2023; 4:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-43015

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

Published: December 01, 2023; 3:15:07 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-38268

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

Published: December 01, 2023; 3:15:07 PM -0500
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-40363

IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332.

Published: November 18, 2023; 1:15:08 PM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-42029

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.

Published: November 02, 2023; 8:15:12 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-42027

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.

Published: November 02, 2023; 8:15:12 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-42031

IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 266016.

Published: October 25, 2023; 2:17:31 PM -0400
V3.1: 4.9 MEDIUM
V2.0:(not available)
CVE-2023-1995

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W , before 09-66-/Q ; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.

Published: August 28, 2023; 10:15:07 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-33850

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.

Published: August 22, 2023; 5:15:07 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-38741

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.

Published: August 14, 2023; 2:15:11 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-29260

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135.

Published: July 18, 2023; 10:15:09 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-29259

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055.

Published: July 18, 2023; 10:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-28513

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.

Published: July 18, 2023; 10:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2021-38933

IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574.

Published: July 18, 2023; 10:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-35898

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352.

Published: July 18, 2023; 9:15:10 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-33832

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.

Published: July 18, 2023; 9:15:10 PM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2023-35012

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.

Published: July 16, 2023; 9:15:08 PM -0400
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-33857

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695.

Published: July 16, 2023; 8:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-30449

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.

Published: July 10, 2023; 12:15:52 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-30448

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.

Published: July 10, 2023; 12:15:52 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)