CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43579 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2022-43579
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238684 https://www.ibm.com/support/pages/node/6954765 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40232 – IBM Sterling B2B Integrator Standard Edition improper access control
https://notcve.org/view.php?id=CVE-2022-40232
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597. • https://exchange.xforce.ibmcloud.com/vulnerabilities/235597 https://www.ibm.com/support/pages/node/6954465 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-43929 – IBM Db2 for Linux, UNIX and Windows denial of service
https://notcve.org/view.php?id=CVE-2022-43929
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241676 https://www.ibm.com/support/pages/node/6953763 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-43927 – IBM Db2 for Linux, UNIX and Windows information disclosure
https://notcve.org/view.php?id=CVE-2022-43927
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241671 https://www.ibm.com/support/pages/node/6953759 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-269: Improper Privilege Management •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-24964 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-24964
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463. • https://exchange.xforce.ibmcloud.com/vulnerabilities/246463 https://www.ibm.com/support/pages/node/6953519 • CWE-312: Cleartext Storage of Sensitive Information •