Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  Security Vulnerabilities
CVE-2019-4322
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202.
CVSS Score
8.4
EPSS Score
0.001
Published
2019-07-01
CVE-2019-4377
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-06-25
CVE-2018-1845
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150905.
CVSS Score
7.1
EPSS Score
0.005
Published
2019-06-17
CVE-2018-1853
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 151014.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-04-08
CVE-2018-1882
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968.
CVSS Score
4.7
EPSS Score
0.0
Published
2019-04-08
CVE-2018-1751
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512.
CVSS Score
5.9
EPSS Score
0.002
Published
2019-01-23
CVE-2015-9281
Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-01-17
CVE-2018-20732
SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
CVSS Score
9.8
EPSS Score
0.043
Published
2019-01-17
CVE-2018-20733
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-01-17
CVE-2018-1655
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748.
CVSS Score
4.0
EPSS Score
0.001
Published
2018-06-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved