I Security Vulnerabilities and Issues — I CVE List

Lucene search

IbmI

11 matches found

CVE•added 2022/05/24 5:15 p.m.•82 views

CVE-2022-22495

IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941.

8.8CVSS8.7AI score0.0031EPSS

CVE•added 2024/03/14 7:15 p.m.•80 views

CVE-2024-22346

Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203.

8.4CVSS8AI score0.00028EPSS

CVE•added 2025/02/24 2:15 a.m.•61 views

CVE-2024-55898

IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.

8.5CVSS8.6AI score0.00019EPSS

CVE•added 2014/01/02 2:59 p.m.•48 views

CVE-2013-5385

The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System (aka NOS, formerly BLADE Operating System) does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote atta...

8.5CVSS6.2AI score0.03264EPSS

CVE•added 2023/07/16 11:15 p.m.•47 views

CVE-2023-30988

The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016.

8.4CVSS8.2AI score0.00027EPSS

CVE•added 2023/08/14 6:15 p.m.•40 views

CVE-2023-38721

The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.

8.4CVSS8.2AI score0.00021EPSS

CVE•added 2023/07/16 11:15 p.m.•37 views

CVE-2023-30989

IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017.

8.4CVSS8.2AI score0.00027EPSS

CVE•added 2021/04/21 12:15 p.m.•32 views

CVE-2021-20501

IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. An attacker could exploit this vulnerability to consume unnecessary network bandwidth and disk space, and allow remote ...

8.2CVSS7.8AI score0.00454EPSS

CVE•added 2023/12/01 5:15 p.m.•31 views

CVE-2023-42006

IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. IBM X-Force ID: 265266.

8.4CVSS5.6AI score0.00028EPSS

CVE•added 2025/05/17 4:15 p.m.•30 views

CVE-2025-33103

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.

8.8CVSS8.9AI score0.00067EPSS

CVE•added 2025/06/25 3:15 a.m.•12 views

CVE-2025-36004

IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege.

8.8CVSS7.3AI score0.0005EPSS