CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-50939 – IBM PowerSC information Disclosure
https://notcve.org/view.php?id=CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129. IBM PowerSC 1.3, 2.0 y 2.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 275129. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275129 https://www.ibm.com/support/pages/node/7113759 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43040 – IBM Spectrum Fusion HCI improper access control
https://notcve.org/view.php?id=CVE-2023-43040
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807. IBM Spectrum Fusion HCI 2.5.2 a 2.7.2 podría permitir que un atacante realice acciones no autorizadas en RGW para Ceph debido a un acceso inadecuado al depósito. ID de IBM X-Force: 266807. A flaw was found in rgw. • https://github.com/riza/CVE-2023-43040 https://exchange.xforce.ibmcloud.com/vulnerabilities/266807 https://www.ibm.com/support/pages/node/7151040 https://access.redhat.com/security/cve/CVE-2023-43040 https://bugzilla.redhat.com/show_bug.cgi?id=2216855 • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23622 – IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-23622
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges. Existe un desbordamiento de búfer en la región stack de la memoria en el servidor de licencias de IBM Merge Healthcare eFilm Workstation. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para lograr la ejecución remota de código con privilegios de SYSTEM. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow • CWE-131: Incorrect Calculation of Buffer Size CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23621 – IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-23621
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. Existe un desbordamiento de búfer en el servidor de licencias de IBM Merge Healthcare eFilm Workstation. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para lograr la ejecución remota de código. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23620 – IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-23620
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM. Existe una vulnerabilidad de gestión de privilegios inadecuada en IBM Merge Healthcare eFilm Workstation. Un atacante local autenticado puede aprovechar esta vulnerabilidad para escalar privilegios al SISTEMA. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation • CWE-269: Improper Privilege Management •