IBM Security Guardium
106 CVEs affecting IBM Security Guardium. Latest disclosed: 2025-06-11. Critical: 4, High: 23.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-35893 | Critical | 9.9 | 2023-08-16 | IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially… |
| CVE-2017-1253 | Critical | 9.9 | 2017-07-05 | IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an… |
| CVE-2017-1269 | Critical | 9.8 | 2017-07-05 | IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attack… |
| CVE-2023-47709 | Critical | 9.1 | 2024-05-11 | IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially… |
| CVE-2023-30435 | High | 8.9 | 2023-08-27 | IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in… |
| CVE-2020-4952 | High | 8.8 | 2021-01-27 | IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028. |
| CVE-2020-4180 | High | 8.8 | 2020-06-03 | IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an… |
| CVE-2019-4422 | High | 8.8 | 2019-10-03 | IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM… |
| CVE-2019-4292 | High | 8.8 | 2019-07-02 | IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable… |
| CVE-2017-1757 | High | 8.8 | 2017-12-20 | IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to vie… |
| CVE-2022-43910 | High | 8.4 | 2023-07-19 | IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908. |
| CVE-2021-20385 | High | 8.4 | 2021-05-24 | IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an… |
| CVE-2023-42004 | High | 8.0 | 2023-11-28 | IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper vali… |
| CVE-2023-47712 | High | 7.8 | 2024-05-11 | IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X… |
| CVE-2023-33852 | High | 7.6 | 2023-08-27 | IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to vie… |
| CVE-2020-4990 | High | 7.6 | 2021-05-24 | IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to vie… |
| CVE-2020-4921 | High | 7.6 | 2021-01-20 | IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attack… |
| CVE-2022-43904 | High | 7.5 | 2023-08-27 | IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM… |
| CVE-2020-4690 | High | 7.5 | 2021-09-23 | IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound… |
| CVE-2017-1598 | High | 7.5 | 2017-12-20 | IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitiv… |