Show filters
196 Total Results
Displaying 21-30 of 196
Sort by:
Attacker Value
Unknown
CVE-2023-47706
Disclosure Date: December 20, 2023 (last updated December 22, 2023)
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.
0
Attacker Value
Unknown
CVE-2023-47704
Disclosure Date: December 20, 2023 (last updated December 22, 2023)
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220.
0
Attacker Value
Unknown
CVE-2023-42004
Disclosure Date: November 28, 2023 (last updated December 05, 2023)
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.
0
Attacker Value
Unknown
CVE-2022-43906
Disclosure Date: October 04, 2023 (last updated October 09, 2023)
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.
0
Attacker Value
Unknown
CVE-2022-43903
Disclosure Date: September 05, 2023 (last updated October 08, 2023)
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.
0
Attacker Value
Unknown
CVE-2022-43904
Disclosure Date: August 28, 2023 (last updated October 08, 2023)
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.
0
Attacker Value
Unknown
CVE-2023-33852
Disclosure Date: August 27, 2023 (last updated October 08, 2023)
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.
0
Attacker Value
Unknown
CVE-2023-30437
Disclosure Date: August 27, 2023 (last updated October 08, 2023)
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.
0
Attacker Value
Unknown
CVE-2023-30436
Disclosure Date: August 27, 2023 (last updated October 08, 2023)
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.
0
Attacker Value
Unknown
CVE-2023-30435
Disclosure Date: August 27, 2023 (last updated October 08, 2023)
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.
0
