CVE-2023-28958 – IBM Watson Knowledge Catalog CSV injection
https://notcve.org/view.php?id=CVE-2023-28958
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 251782.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/251782
• https://www.ibm.com/support/pages/node/7009747
• CWE-1236: Improper Neutralization of Formula Elements in a CSV File
CVE-2023-27540 – IBM Watson CP4D Data Stores denial of service
https://notcve.org/view.php?id=CVE-2023-27540
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/248924
• https://www.ibm.com/support/pages/node/7009883
• CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2023-28953 – IBM Cognos Analytics on Cloud Pak for Data improper access control
https://notcve.org/view.php?id=CVE-2023-28953
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/251465
• https://security.netapp.com/advisory/ntap-20230814-0001
• https://www.ibm.com/support/pages/node/7006413
CVE-2023-30442 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-30442
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. IBM X-Force ID: 253202.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/253202
• https://security.netapp.com/advisory/ntap-20230731-0007
• https://www.ibm.com/support/pages/node/7010561
• CWE-20: Improper Input Validation
CVE-2023-30431 – IBM Db2 buffer overflow
https://notcve.org/view.php?id=CVE-2023-30431
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/252184
• https://security.netapp.com/advisory/ntap-20230731-0007
• https://www.ibm.com/support/pages/node/7010565
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer