IBM | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Advisory CVE-2023-43042 – IBM Backup Products Superuser Information Disclosure	Information Disclosure	IBM	Max Corbridge (@CorbridgeMax)
Technical Details of CVE-2023-30988 - IBM Facsimile Support Privilege Escalation	Local Privilege Escalation	IBM	Pz
Privilege Escalation In Ibm Spectrum Virtualize	Privilege Escalation Information Disclosure	IBM	Wolfgang Ettlinger
Technical Details of CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service	RCE	IBM	Pz
Vulnerabilities in the TPM 2.0 reference implementation code	Memory Corruption Out-of-Bounds Read Out-of-Bounds Write	Microsoft VMware Google IBM Lenovo Qemu Nuvoton Trusted Computing Group STMicroelectronics Aruba Networks CERT/CC Libtpms	Francisco Falcon (@Fdfalcon)
Authenticated XXE vulnerability in IBM Tivoli Workload Scheduler CVE-2022-38389	XXE	IBM	Geoffrey Bertoli (@YofBalibump)
Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails	RCE Security Code Review Missing Authentication Insecure Deserialization	IBM	Maxwell Garrett (@TheGrandPew) Shubham Shah (@Infosec_au)
Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential for unauthorized database access	Cloud SQL Injection Privilege Escalation Information Disclosure	IBM	Ronen Shustin (@Ronenshh) Shir Tamari (@Shirtamari)
XSS Vulnerability in IBM Content Navigator (CVE-2020-4757)	XSS	IBM	Olivier Laflamme (@Olivier_boschko)
Bygone Vulnerabilities - Remote Code Execution in IBM Lotus SameTime Clients (CVE-2013-0553)	XSS RCE	IBM	Brian (@Hoyahaxa)
How I was able to access IBM internal documents	Information Disclosure IDOR	IBM	Mohamed Taha (@Mohamed12742780)
HigherLogic Community RCE Vulnerability	Insecure Deserialization RCE	8x8 IBM	0daystolive (@0daystolive)
My write-up in hacking IBM’s administration panel and getting SQLi on it	SQL Injection Broken Access Control	IBM	Momen Ali (Cyber Guy) (@TheCyberGuy0)
Shells And SOAP: Websphere Deserialization To RCE	RCE Insecure Deserialization	IBM	Wyatt Dahlenburg (@Wdahlenb)
How to Harpon Big Blue!	Logic Flaw Exposed Registration Page	IBM	Clark Voss (@Clark_voss)
How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company	SQL Injection	Automattic IBM 8x8	Ahmad a Abdulla (@Lu3ky13)
How I hacked IBM and got full access on many services?	Information Disclosure	IBM	Abdullah Mohamed (@3bodymo_)
IBM Datapower Exploit CVE-2020-5014	SSRF HTTP Request Smuggling	IBM	Thomas Cope
IBM HMC Exploit CVE-2021-29707	Local Privilege Escalation	IBM	Thomas Cope
XXE in IBM’s MaaS360 Platform	XXE	IBM	Cody Wass
[Critical] Bypass CSRF protection on IBM	CSRF	IBM	Mohamed Sayed (@FlEx0Geek)
How I Hacked [Oculus] OAuth +Ebay +IBM	Unrestricted File Upload XSS	Meta / Facebook Ebay IBM AnswerHub	Abdullah Hussam (@Abdulahhusam)

Page 1 of 1