ibm i の CVE(64 件)

CVE 件数: 64 CPE versions: View versions table

概要

本ページは ibm i に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 120 / 64 CVE 件数
«« 先頭 « 前へ 1 / 4 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-10852 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server. [email protected] 5.9 0.26% 2026-06-22 2026-06-30
CVE-2026-9072 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in. [email protected] 8.1 0.38% 2026-06-22 2026-06-24
CVE-2026-8858 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted responses to the plug-in. [email protected] 7.5 0.26% 2026-06-22 2026-06-24
CVE-2026-7870 IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. [email protected] 8.8 0.34% 2026-06-11 2026-06-17
CVE-2026-6936 IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment (ILE) compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of statements. [email protected] 6.5 0.24% 2026-05-27 2026-06-17
CVE-2026-2311 IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check.  A malicious actor could cause user-controlled code to run with administrator privilege. [email protected] 6.4 0.20% 2026-04-30 2026-06-17
CVE-2026-1376 IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources. [email protected] 7.5 0.52% 2026-03-17 2026-06-17
CVE-2025-36371 IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation.  A user with access to the database plan cache could see information they do not have authority to view. [email protected] 6.5 0.22% 2025-11-19 2026-06-17
CVE-2025-36367 IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i SQL services authorization check. A malicious actor can use the elevated privileges of another user profile to gain root access to the host operating system. [email protected] 8.8 0.26% 2025-11-01 2026-06-17
CVE-2025-36119 IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions in DCM as an administrator. [email protected] 7.1 0.18% 2025-08-08 2026-06-17
CVE-2025-33109 IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions. [email protected] 7.5 0.36% 2025-07-24 2026-06-17
CVE-2025-36004 IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege. [email protected] 8.8 0.49% 2025-06-24 2026-06-17
CVE-2025-33122 IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an unqualified library call in IBM Advanced Job Scheduler for i. A malicious actor could cause user-controlled code to run with administrator privilege. [email protected] 7.5 0.34% 2025-06-17 2026-06-17
CVE-2025-33108 IBM Backup, Recovery and Media Services for i 7.4 and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to a library unqualified call made by a BRMS program. A malicious actor could cause user-controlled code to run with component access to the host operating system. [email protected] 8.5 0.53% 2025-06-13 2026-06-17
CVE-2025-33103 IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. [email protected] 8.5 0.36% 2025-05-17 2026-06-17
CVE-2025-3218 IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access the server. [email protected] 5.4 0.21% 2025-05-06 2026-06-17
CVE-2025-2950 IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior. [email protected] 5.4 0.25% 2025-04-18 2026-06-17
CVE-2025-2947 IBM i 7.6  contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command.  A malicious actor can use the command to elevate privileges to gain root access to the host operating system. [email protected] 7.2 0.36% 2025-04-17 2026-06-17
CVE-2024-55898 IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. [email protected] 8.5 0.40% 2025-02-23 2026-06-17
CVE-2024-52895 IBM i 7.4 and 7.5 is vulnerable to a database access denial of service caused by a bypass of a database capabilities restriction check. A privileged bad actor can remove or otherwise impact database infrastructure files resulting in incorrect behavior of software products that rely upon the database. [email protected] 6.5 0.37% 2025-02-14 2026-06-17
«« 先頭 « 前へ 1 / 4 次へ »
cvelogic Threat Intelligence