Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product Security Guardium
Total 101 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39077 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2024-02-29 N/A 4.4 MEDIUM
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.  
CVE-2023-42004 1 Ibm 1 Security Guardium 2023-12-04 N/A 8.8 HIGH
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.
CVE-2022-39166 1 Ibm 1 Security Guardium 2023-11-07 N/A 4.9 MEDIUM
IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.
CVE-2022-43906 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-10-05 N/A 5.3 MEDIUM
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.
CVE-2022-43903 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-09-08 N/A 6.5 MEDIUM
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.
CVE-2022-43907 1 Ibm 1 Security Guardium 2023-08-29 N/A 8.8 HIGH
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.
CVE-2022-43904 1 Ibm 1 Security Guardium 2023-08-29 N/A 7.5 HIGH
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.
CVE-2022-43909 1 Ibm 1 Security Guardium 2023-08-29 N/A 5.4 MEDIUM
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.
CVE-2023-30435 1 Ibm 1 Security Guardium 2023-08-29 N/A 5.4 MEDIUM
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.
CVE-2023-30436 1 Ibm 1 Security Guardium 2023-08-29 N/A 5.4 MEDIUM
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.
CVE-2023-30437 1 Ibm 1 Security Guardium 2023-08-29 N/A 5.3 MEDIUM
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.
CVE-2023-33852 1 Ibm 1 Security Guardium 2023-08-29 N/A 5.4 MEDIUM
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.
CVE-2023-35893 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-08-22 N/A 8.8 HIGH
IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.
CVE-2022-43908 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-07-28 N/A 6.5 MEDIUM
IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.
CVE-2022-43910 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-07-27 N/A 7.8 HIGH
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.
CVE-2022-22307 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-06-21 N/A 7.8 HIGH
IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: 216753.
CVE-2023-0041 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2023-06-09 N/A 8.8 HIGH
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.
CVE-2019-4292 1 Ibm 1 Security Guardium 2023-02-03 6.5 MEDIUM 8.8 HIGH
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.
CVE-2019-4422 1 Ibm 1 Security Guardium 2022-12-07 6.5 MEDIUM 8.8 HIGH
IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768.
CVE-2021-39074 1 Ibm 1 Security Guardium 2022-07-07 4.3 MEDIUM 6.1 MEDIUM
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.