Filtered by vendor Ibm
Subscribe
Total
7009 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34330 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2023-11-07 | N/A | 6.1 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229469. | |||||
| CVE-2022-34329 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 5.3 MEDIUM |
| IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467. | |||||
| CVE-2022-34320 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 7.5 HIGH |
| IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464. | |||||
| CVE-2022-34319 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 7.5 HIGH |
| IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463. | |||||
| CVE-2022-34318 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 6.1 MEDIUM |
| IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461. | |||||
| CVE-2022-34317 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 5.4 MEDIUM |
| IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459. | |||||
| CVE-2022-34316 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 5.3 MEDIUM |
| IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. | |||||
| CVE-2022-34315 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 5.4 MEDIUM |
| IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229451. | |||||
| CVE-2022-34314 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 3.3 LOW |
| IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450. | |||||
| CVE-2022-34313 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 3.1 LOW |
| IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. X-Force ID: 229449. | |||||
| CVE-2022-34312 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 3.3 LOW |
| IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447. | |||||
| CVE-2022-33959 | 1 Ibm | 1 Sterling Order Management | 2023-11-07 | N/A | 8.1 HIGH |
| IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. IBM X-Force ID: 229320. | |||||
| CVE-2022-31772 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335. | |||||
| CVE-2022-22488 | 1 Ibm | 6 Power System Ac922 \(8335-gtg\), Power System Ac922 \(8335-gtg\) Firmware, Power System Ac922 \(8335-gth\) and 3 more | 2023-11-07 | N/A | 4.9 MEDIUM |
| IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337. | |||||
| CVE-2022-22486 | 1 Ibm | 1 Tivoli Workload Scheduler | 2023-11-07 | N/A | 9.1 CRITICAL |
| IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328. | |||||
| CVE-2022-22470 | 1 Ibm | 1 Security Verify Governance | 2023-11-07 | N/A | 5.5 MEDIUM |
| IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232. | |||||
| CVE-2022-22462 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2023-11-07 | N/A | 7.5 HIGH |
| IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078. | |||||
| CVE-2022-22461 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2023-11-07 | N/A | 7.5 HIGH |
| IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007. | |||||
| CVE-2022-22458 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2023-11-07 | N/A | 6.5 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009. | |||||
| CVE-2022-22457 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2023-11-07 | N/A | 4.4 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007. | |||||