CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45168 – IBM AIX command execution
https://notcve.org/view.php?id=CVE-2023-45168
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 267966. IBM AIX 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local sin privilegios aproveche una vulnerabilidad en el comando invscout para ejecutar comandos arbitrarios. ID de IBM X-Force: 267966. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267966 https://www.ibm.com/support/pages/node/7086090 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42004 – IBM Security Guardium CSV injection
https://notcve.org/view.php?id=CVE-2023-42004
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262. IBM Security Guardium 11.3, 11.4 y 11.5 es potencialmente vulnerable a la inyección de CSV. Un atacante remoto podría ejecutar comandos maliciosos debido a una validación inadecuada del contenido del archivo csv. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265262 https://www.ibm.com/support/pages/node/7069241 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26279 – IBM QRadar WinCollect Agent improper output encoding
https://notcve.org/view.php?id=CVE-2023-26279
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160. IBM QRadar WinCollect Agent 10.0 a 10.1.7 podría permitir que un usuario local realice acciones no autorizadas debido a una codificación incorrecta. ID de IBM X-Force: 248160. • https://exchange.xforce.ibmcloud.com/vulnerabilities/213551 https://www.ibm.com/support/pages/node/7081403 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39008 – IBM QRadar WinCollect Agent information disclosure
https://notcve.org/view.php?id=CVE-2021-39008
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551. IBM QRadar WinCollect Agent 10.0 a 10.1.7 podría permitir que un usuario privilegiado obtenga información confidencial debido a la falta de mejores prácticas. ID de IBM X-Force: 213551. • https://exchange.xforce.ibmcloud.com/vulnerabilities/213551 https://www.ibm.com/support/pages/node/7081403 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25682 – IBM Sterling B2B Integrator information disclosure
https://notcve.org/view.php?id=CVE-2023-25682
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.0.3.8 y 6.1.0.0 a 6.1.2.1 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 247034. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247034 https://www.ibm.com/support/pages/node/7080172 • CWE-532: Insertion of Sensitive Information into Log File •