CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28527 – IBM Informix Dynamic Server buffer overflow
https://notcve.org/view.php?id=CVE-2023-28527
09 Dec 2023 — IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206. IBM Informix Dynamic Server 12.10 y 14.10 cdr es vulnerable a un desbordamiento de búfer de almacenamiento dinámico, causado por una verificación de los límites incorrecta que podría permitir que un usuario local cause un error de segmentación. ID de IBM X-Force: 251206. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251206 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26024 – IBM Planning Analytics on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26024
01 Dec 2023 — IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898. IBM Planning Analytics on Cloud Pak for Data 4.0 podría permitir que un atacante en una red compartida obtenga información confidencial causada por una comunicación de red insegura. ID de IBM X-Force: 247898. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38735 – IBM Cognos Dashboards improper authentication
https://notcve.org/view.php?id=CVE-2023-38735
22 Oct 2023 — IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482. IBM Cognos Dashboards en Cloud Pak for Data 4.7.0 podría permitir a un atacante remoto omitir las restricciones de seguridad, causadas por una falla de tabulación inversa. Un atacante podría aprovechar esta vulnerabilidad y redirigir a la víctima a un... • https://exchange.xforce.ibmcloud.com/vulnerabilities/262482 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38276 – IBM Cognos Dashboards information disclosure
https://notcve.org/view.php?id=CVE-2023-38276
22 Oct 2023 — IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736. IBM Cognos Dashboards en Cloud Pak for Data 4.7.0 expone información confidencial en variables de entorno que podrían ayudar en futuros ataques contra el system. ID de IBM X-Force: 260736. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260736 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38275 – IBM Cognos Dashboards information disclosure
https://notcve.org/view.php?id=CVE-2023-38275
22 Oct 2023 — IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730. IBM Cognos Dashboards en Cloud Pak for Data 4.7.0 expone información confidencial en imágenes de contenedores que podrían provocar más ataques contra el system. ID de IBM X-Force: 260730. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260735 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26026 – IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26026
19 Jul 2023 — Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247896 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26023 – IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26023
19 Jul 2023 — Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247896 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27877 – IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-27877
19 Jul 2023 — IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247905 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28955 – IBM Watson Knowledge Catalog denial of service
https://notcve.org/view.php?id=CVE-2023-28955
10 Jul 2023 — IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251704 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28958 – IBM Watson Knowledge Catalog CSV injection
https://notcve.org/view.php?id=CVE-2023-28958
10 Jul 2023 — IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 251782. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251782 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •