Export limit exceeded: 35019 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35019 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-22481 | 1 Ibm | 1 I | 2024-11-21 | 5.3 Medium |
| IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899. | ||||
| CVE-2022-22480 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. | ||||
| CVE-2022-22475 | 1 Ibm | 2 Open Liberty, Websphere Application Server | 2024-11-21 | 6.5 Medium |
| IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. | ||||
| CVE-2022-22474 | 1 Ibm | 1 Spectrum Protect Client | 2024-11-21 | 7.5 High |
| IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348. | ||||
| CVE-2022-22473 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 5.3 Medium |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347. | ||||
| CVE-2022-22465 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | 7.8 High |
| IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082. | ||||
| CVE-2022-22460 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013. | ||||
| CVE-2022-22455 | 1 Ibm | 1 Security Verify Governance | 2024-11-21 | 9.8 Critical |
| IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989. | ||||
| CVE-2022-22447 | 1 Ibm | 1 Disconnected Log Collector | 2024-11-21 | 4 Medium |
| IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. | ||||
| CVE-2022-22445 | 1 Ibm | 1 Powervm Hypervisor | 2024-11-21 | 6.5 Medium |
| An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware. | ||||
| CVE-2022-22444 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 5.5 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444. | ||||
| CVE-2022-22441 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 6.5 Medium |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. IBM X-Force ID: 224426. | ||||
| CVE-2022-22434 | 2 Ibm, Microsoft | 3 Robotic Process Automation, Robotic Process Automation As A Service, Windows | 2024-11-21 | 4.6 Medium |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. IBM X-Force ID: 224159. | ||||
| CVE-2022-22426 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 3.3 Low |
| IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718. | ||||
| CVE-2022-22415 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 6.5 Medium |
| A vulnerability exists where an IBM Robotic Process Automation 21.0.1 regular user is able to obtain view-only access to some admin pages in the Control Center IBM X-Force ID: 223029. | ||||
| CVE-2022-22414 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 5.5 Medium |
| IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026. | ||||
| CVE-2022-22412 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 4.6 Medium |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019. | ||||
| CVE-2022-22410 | 1 Ibm | 1 Watson Query | 2024-11-21 | 7.2 High |
| IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service. IBM X-Force ID: 222763. | ||||
| CVE-2022-22409 | 2 Ibm, Linux | 2 Aspera Faspex, Linux Kernel | 2024-11-21 | 5.3 Medium |
| IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592. | ||||
| CVE-2022-22393 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 6.5 Medium |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. | ||||