CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-29259 – IBM Sterling Connect:Express for UNIX information disclosure
https://notcve.org/view.php?id=CVE-2023-29259
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252055 https://www.ibm.com/support/pages/node/7010921 •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33832 – IBM Storage Protect denial of service
https://notcve.org/view.php?id=CVE-2023-33832
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012. • https://exchange.xforce.ibmcloud.com/vulnerabilities/256012 https://www.ibm.com/support/pages/node/7011761 • CWE-20: Improper Input Validation CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35898 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-35898
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352. IBM InfoSphere Information Server v11.7 podría permitir a un usuario autenticado obtener información confidencial debido a una configuración de seguridad insegura en "InfoSphere Data Flow Designer". IBM X-Force ID: 259352. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259352 https://www.ibm.com/support/pages/node/7009205 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35012 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-35012
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257763 https://security.netapp.com/advisory/ntap-20230818-0013 https://www.ibm.com/support/pages/node/7010747 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33857 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-33857
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695. IBM InfoSphere Information Server v11.7 podría permitir a un atacante remoto obtener información del sistema utilizando una consulta especialmente manipulada que podría ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 257695. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257695 https://www.ibm.com/support/pages/node/7007059 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •