Security
Headlines
HeadlinesLatestCVEs

Tag

#ibm

CVE-2023-46848

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

CVE
Open in Source
#vulnerability#web#linux#red_hat#dos#nodejs#js#kubernetes#aws#auth#ibm#sap
CVE-2023-35896: IBM Content Navigator is vulnerable to Server Side Request Forgery leading to Arbitrary File Read due to Oracle Outside In Technology (CVE-2023-35896)

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.

CVE-2023-46176: IBM MQ Appliance privilege escalation CVE-2023-46176 Vulnerability Report

IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.

CVE-2023-42029: Security Bulletin: "Cross Site Scripting" affects IBM CICS TX Standard and IBM CICS TX Advanced

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.

CVE-2023-42027: Security Bulletin: "Cross Site Request Forgery" affects IBM CICS TX Advanced and IBM CICS TX Standard

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.

CVE-2023-43018: IBM CICS TX privilege escalation CVE-2023-43018 Vulnerability Report

IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163.

CVE-2023-5408

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Getting Smart With Cybersecurity: AI Can Help the Good Guys, Too

With the rapid advancement and adoption of artificial intelligence (AI) in cybersecurity, the benefits of speed and accuracy are becoming clearer every day.

CVE-2023-40685: IBM i privilege escalation CVE-2023-40685 Vulnerability Report

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Force ID: 264116.

CVE-2023-43041: Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities in components.

IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808.