CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43381 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2022-43381
23 Dec 2022 — IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639. IBM AIX 7.1, 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el cliente SMB de AIX para provocar una denegación de servicio. ID de IBM X-Force: 238639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238639 • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2022-35646 – IBM Security Verify Governance, Identity Manager security bypass
https://notcve.org/view.php?id=CVE-2022-35646
22 Dec 2022 — IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096. El componente de software IBM Security Verify Governance, Identity Manager 10.0.1 podría permitir que un usuario autenticado modifique o cancele la solicitud de acceso de cualquier otro usuario utilizando técnicas de intermediario. ID de IBM X-Force: 231096. • https://exchange.xforce.ibmcloud.com/vulnerabilities/231096 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38391 – IBM Spectrum Control information disclosure
https://notcve.org/view.php?id=CVE-2022-38391
20 Dec 2022 — IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982. IBM Spectrum Control 5.4 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 233982. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233982 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43382 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2022-43382
20 Dec 2022 — IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641. IBM AIX 7.1, 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local con privilegios elevados aproveche una vulnerabilidad en el lpd daemon para provocar una Denegación de Servicio (DoS). ID de IBM X-Force: 238641. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238641 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43875 – IBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of service
https://notcve.org/view.php?id=CVE-2022-43875
20 Dec 2022 — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034. IBM Financial Transaction Manager para SWIFT Services for Multiplatforms 3.2.4 podría permitir que un usuario autenticado bloquee autorizaciones RM adicionales, lo que resultaría en una Denegación de Servicio (DoS) al mostrar o administrar estas autorizacio... • https://exchange.xforce.ibmcloud.com/vulnerabilities/240034 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43872 – IBM Financial Transaction Manager information disclosure
https://notcve.org/view.php?id=CVE-2022-43872
20 Dec 2022 — IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708. Las comprobaciones de autorización de IBM Financial Transaction Manager 3.2.4 se realizan incorrectamente para algunas solicitudes HTTP, lo que permite obtener información técnica no autorizada (por ejemplo, entradas de registro de eventos) sobre el sistema FTM SWIFT. ID de... • https://exchange.xforce.ibmcloud.com/vulnerabilities/239708 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-34361 – IBM Sterling Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2022-34361
06 Dec 2022 — IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522. IBM Sterling Secure Proxy 6.0.3 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 230522. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230522 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40752
https://notcve.org/view.php?id=CVE-2022-40752
16 Nov 2022 — IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687. IBM InfoSphere DataStage 11.7 es vulnerable a una vulnerabilidad de inyección de comandos debido a una neutralización inadecuada de elementos especiales. ID de IBM X-Force: 236687. • https://exchange.xforce.ibmcloud.com/vulnerabilities/236687 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-31772 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2022-31772
11 Nov 2022 — IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335. IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD y 9.2 LTS podrían permitir que un usuario autenticado y autorizado provoque una denegación de servicio a los canales MQTT. ID de IBM X-Force: 228335. • https://exchange.xforce.ibmcloud.com/vulnerabilities/228335 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40753 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2022-40753
11 Nov 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236688. IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la fun... • https://exchange.xforce.ibmcloud.com/vulnerabilities/236688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •