Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34736 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-22434 | 2 Ibm, Microsoft | 3 Robotic Process Automation, Robotic Process Automation As A Service, Windows | 2024-11-21 | 4.6 Medium |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. IBM X-Force ID: 224159. | ||||
| CVE-2022-22426 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 3.3 Low |
| IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718. | ||||
| CVE-2022-22415 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 6.5 Medium |
| A vulnerability exists where an IBM Robotic Process Automation 21.0.1 regular user is able to obtain view-only access to some admin pages in the Control Center IBM X-Force ID: 223029. | ||||
| CVE-2022-22414 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 5.5 Medium |
| IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026. | ||||
| CVE-2022-22412 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2024-11-21 | 4.6 Medium |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019. | ||||
| CVE-2022-22410 | 1 Ibm | 1 Watson Query | 2024-11-21 | 7.2 High |
| IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service. IBM X-Force ID: 222763. | ||||
| CVE-2022-22409 | 2 Ibm, Linux | 2 Aspera Faspex, Linux Kernel | 2024-11-21 | 5.3 Medium |
| IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592. | ||||
| CVE-2022-22393 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 6.5 Medium |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. | ||||
| CVE-2022-22391 | 1 Ibm | 2 Aspera High-speed Transfer Endpoint, Aspera High-speed Transfer Server | 2024-11-21 | 4.3 Medium |
| IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059. | ||||
| CVE-2022-22374 | 1 Ibm | 2 Power 9 Ac922, Power 9 Ac922 Firmware | 2024-11-21 | 9.1 Critical |
| The BMC (IBM Power 9 AC922 OP910, OP920, OP930, and OP940) may be subject to a firmware downgrade attack which may affect its ability to operate its host. IBM X-Force ID: 221442. | ||||
| CVE-2022-22373 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | 5.4 Medium |
| An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323. | ||||
| CVE-2022-22369 | 1 Ibm | 1 Workload Scheduler | 2024-11-21 | 7.1 High |
| IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwrite key system files which would cause the system to crash. IBM X-Force ID: 221187. | ||||
| CVE-2022-22365 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 5.9 Medium |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904. | ||||
| CVE-2022-22355 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 5.3 Medium |
| IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance. | ||||
| CVE-2022-22354 | 2 Ibm, Linux | 3 Spectrum Copy Data Management, Spectrum Protect Plus, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM X-Force ID: 220485. | ||||
| CVE-2022-22353 | 2 Cloudera, Ibm | 3 Data Platform, Big Sql, Cloud Pak For Data | 2024-11-21 | 6.5 Medium |
| IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. | ||||
| CVE-2022-22351 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 8.6 High |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID: 220396 | ||||
| CVE-2022-22350 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 5.5 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 220394. | ||||
| CVE-2022-22334 | 1 Ibm | 1 Robotic Process Automation | 2024-11-21 | 4.3 Medium |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391. | ||||
| CVE-2022-22329 | 2 Ibm, Linux | 2 Control Desk, Linux Kernel | 2024-11-21 | 4.3 Medium |
| IBM Control Desk 7.6.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 219124. | ||||