Page 123 of 7187 results (0.010 seconds)

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207. • http://packetstormsecurity.com/files/172458/IBM-AIX-7.2-inscout-Privilege-Escalation.html https://exchange.xforce.ibmcloud.com/vulnerabilities/251207 https://www.ibm.com/support/pages/node/6983232 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1691 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 249192. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249192 https://www.ibm.com/support/pages/node/6985603 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash. IBM X-Force ID: 188052. • https://exchange.xforce.ibmcloud.com/vulnerabilities/188052 https://www.ibm.com/support/pages/node/6985595 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249190 https://www.ibm.com/support/pages/node/6985601 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249207 https://www.ibm.com/support/pages/node/6985679 • CWE-209: Generation of Error Message Containing Sensitive Information •