Ibm: Security Vulnerabilities
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-03-21
IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-03-19
IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVSS Score
4.7
EPSS Score
0.001
Published
2025-03-19
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls.
CVSS Score
10.0
EPSS Score
0.002
Published
2025-03-18
IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper process controls.
CVSS Score
9.6
EPSS Score
0.001
Published
2025-03-18
IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Score
4.1
EPSS Score
0.001
Published
2025-03-18
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
CVSS Score
4.1
EPSS Score
0.0
Published
2025-03-14
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-03-14
A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A python process calling Qiskit 0.18.0 through 1.4.1's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of specially constructed payload.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-03-14
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-03-12