Page 103 of 15189 results (0.016 seconds)

CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 2

CVE-2023-5808 – System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configuration backup and diagnostic data.

https://notcve.org/view.php?id=CVE-2023-5808

04 Dec 2023 — SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role. La divulgación de información en SMU en Hitachi Vantara HNAS 14.8.7825.01 en Windows permite a los usuarios autenticados descargar archivos confidenciales a través de Insecure Direct Object Reference (IDOR). Hi... • https://packetstorm.news/files/id/177516 • CWE-285: Improper Authorization CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-29258 – IBM Db2 denial of service

https://notcve.org/view.php?id=CVE-2023-29258

04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.1 y 11.5 es vulnerable a una denegación de servicio a través de una consulta federada especialmente manipulada en objetos de federación específicos. ID de IBM X-Force: 252048. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252048 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-40687 – IBM Db2 denial of service

https://notcve.org/view.php?id=CVE-2023-40687

04 Dec 2023 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809. IBM DB2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con un comando RUNSTATS especialmente manipulado en una tabla de 8 TB. ID de IBM X-Force: 264809. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264809 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-38727 – IBM Db2 denial of service

https://notcve.org/view.php?id=CVE-2023-38727

04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una declaración SQL especialmente manipulada. ID de IBM X-Force: 262257. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262257 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-47701 – IBM Db2 denial of service

https://notcve.org/view.php?id=CVE-2023-47701

04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegación de servicio con una consulta especialmente manipulada. ID de IBM X-Force: 266166. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266166 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-46167 – IBM Db2 denial of service

https://notcve.org/view.php?id=CVE-2023-46167

04 Dec 2023 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367. El servidor federado IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.5 es vulnerable a una denegación de servicio cuando se utiliza un cursor especialmente manipulado. ID de IBM X-Force: 269367. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269367 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-46174 – IBM InfoSphere Information Server cross-site scripting

https://notcve.org/view.php?id=CVE-2023-46174

01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/269506 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-42019 – IBM InfoSphere Information Server information disclosure

https://notcve.org/view.php?id=CVE-2023-42019

01 Dec 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-40699 – IBM InfoSphere Information Server denial of service

https://notcve.org/view.php?id=CVE-2023-40699

01 Dec 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265161 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-42022 – IBM InfoSphere Information Server cross-site scripting

https://notcve.org/view.php?id=CVE-2023-42022

01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/265938 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •