Filtered by vendor Ibm
Subscriptions
Filtered by product Cics Tx
Subscriptions
Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-41744 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-06-18 | 6.5 Medium |
| IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
| CVE-2025-1329 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-06-05 | 7.8 High |
| IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function. | ||||
| CVE-2025-1330 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-06-05 | 7.8 High |
| IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function. | ||||
| CVE-2025-1331 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-06-05 | 7.8 High |
| IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function. | ||||
| CVE-2022-34311 | 1 Ibm | 1 Cics Tx | 2025-05-06 | 4.3 Medium |
| IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. IBM X-Force ID: 229446. | ||||
| CVE-2022-34312 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 4 Medium |
| IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447. | ||||
| CVE-2022-38705 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 5.3 Medium |
| IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 234172. | ||||
| CVE-2022-34315 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 5.4 Medium |
| IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229451. | ||||
| CVE-2022-34318 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 5.4 Medium |
| IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461. | ||||
| CVE-2022-34314 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 4 Medium |
| IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450. | ||||
| CVE-2022-34316 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 3.7 Low |
| IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. | ||||
| CVE-2022-34313 | 1 Ibm | 1 Cics Tx | 2025-04-30 | 4.3 Medium |
| IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. X-Force ID: 229449. | ||||
| CVE-2022-34319 | 1 Ibm | 1 Cics Tx | 2025-04-29 | 5.9 Medium |
| IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463. | ||||
| CVE-2022-34317 | 1 Ibm | 1 Cics Tx | 2025-04-29 | 5.4 Medium |
| IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459. | ||||
| CVE-2022-34320 | 1 Ibm | 1 Cics Tx | 2025-04-29 | 5.9 Medium |
| IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464. | ||||
| CVE-2022-34329 | 1 Ibm | 1 Cics Tx | 2025-04-25 | 5.3 Medium |
| IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467. | ||||
| CVE-2022-34310 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-04-24 | 5.9 Medium |
| IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441. | ||||
| CVE-2024-41746 | 1 Ibm | 1 Cics Tx | 2025-01-16 | 7.2 High |
| IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2023-38362 | 1 Ibm | 1 Cics Tx | 2025-01-07 | 5.3 Medium |
| IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814. | ||||
| CVE-2023-38360 | 1 Ibm | 1 Cics Tx | 2025-01-07 | 6.1 Medium |
| IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260769. | ||||