Filtered by vendor Ibm
Subscribe
Total
7009 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31773 | 1 Ibm | 1 Datapower Gateway | 2022-08-31 | N/A | 8.8 HIGH |
| IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357. | |||||
| CVE-2021-29891 | 1 Ibm | 8 Hardware Management Console 7063-cr2, Hardware Management Console 7063-cr2 Firmware, Power System Ac922 \(8335-gtg\) and 5 more | 2022-08-25 | N/A | 4.9 MEDIUM |
| IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. | |||||
| CVE-2022-22489 | 3 Ibm, Linux, Microsoft | 3 Mq, Linux Kernel, Windows | 2022-08-22 | N/A | 9.1 CRITICAL |
| IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339. | |||||
| CVE-2022-22455 | 1 Ibm | 1 Security Verify Governance | 2022-08-19 | N/A | 9.8 CRITICAL |
| IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989. | |||||
| CVE-2021-39086 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling File Gateway and 3 more | 2022-08-17 | N/A | 5.3 MEDIUM |
| IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889. | |||||
| CVE-2021-39087 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 6.5 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109. | |||||
| CVE-2021-39085 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 9.8 CRITICAL |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888. | |||||
| CVE-2021-39035 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. | |||||
| CVE-1999-0903 | 1 Ibm | 1 Aix | 2022-08-17 | 7.5 HIGH | N/A |
| genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. | |||||
| CVE-1999-0111 | 1 Ibm | 1 Aix | 2022-08-17 | 5.0 MEDIUM | N/A |
| RIP v1 is susceptible to spoofing. | |||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2022-08-17 | 5.0 MEDIUM | N/A |
| The rwho/rwhod service is running, which exposes machine status and user information. | |||||
| CVE-1999-0627 | 1 Ibm | 1 Aix | 2022-08-17 | N/A | N/A |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | |||||
| CVE-1999-0566 | 1 Ibm | 1 Aix | 2022-08-17 | 5.0 MEDIUM | N/A |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2022-08-17 | 5.0 MEDIUM | N/A |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
| CVE-1999-0338 | 1 Ibm | 1 Aix | 2022-08-17 | 7.2 HIGH | N/A |
| AIX Licensed Program Product performance tools allow local users to gain root access. | |||||
| CVE-1999-0337 | 1 Ibm | 1 Aix | 2022-08-17 | 7.5 HIGH | N/A |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. | |||||
| CVE-1999-0318 | 4 Hp, Ibm, Redhat and 1 more | 5 Hp-ux, Aix, Linux and 2 more | 2022-08-17 | 7.2 HIGH | N/A |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||||
| CVE-1999-0284 | 2 Ibm, Microsoft | 2 Lotus Domino Mail Server, Exchange Server | 2022-08-17 | 7.5 HIGH | N/A |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. | |||||
| CVE-1999-0208 | 3 Ibm, Nec, Sgi | 5 Aix, Asl Ux 4800, Ews-ux V and 2 more | 2022-08-17 | 10.0 HIGH | N/A |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||||
| CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2022-08-17 | 7.2 HIGH | N/A |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||||