IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-04-03
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-03-20
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server)
10.5, 11.1 and 11.5
could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-01-22
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-01-22
IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-01-22
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-01-22
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-12-17
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
CVSS Score
4.3
EPSS Score
0.0
Published
2023-11-03
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-11-03
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,
before 09-66-17,
before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W
, before 09-66-/Q
; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-08-29