Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Aix
Total 706 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43382 1 Ibm 2 Aix, Vios 2024-11-21 N/A 6.2 MEDIUM
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641.
CVE-2022-42439 4 Ibm, Linux, Microsoft and 1 more 6 Aix, App Connect Enterprise, App Connect Enterprise Certified Container and 3 more 2024-11-21 N/A 6.8 MEDIUM
IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.
CVE-2022-42436 4 Ibm, Linux, Microsoft and 1 more 7 Aix, I, Linux On Ibm Z and 4 more 2024-11-21 N/A 4.0 MEDIUM
IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206.
CVE-2022-41291 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2024-11-21 N/A 6.5 MEDIUM
IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.
CVE-2022-40753 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2024-11-21 N/A 5.4 MEDIUM
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236688.
CVE-2022-40752 3 Ibm, Linux, Microsoft 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more 2024-11-21 N/A 9.8 CRITICAL
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687.
CVE-2022-40232 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2024-11-21 N/A 6.3 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.
CVE-2022-40231 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2024-11-21 N/A 4.3 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.
CVE-2022-38391 3 Ibm, Linux, Microsoft 4 Aix, Spectrum Control, Linux Kernel and 1 more 2024-11-21 N/A 5.1 MEDIUM
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982.
CVE-2022-36772 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2024-11-21 N/A 6.5 MEDIUM
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.
CVE-2022-36768 1 Ibm 2 Aix, Vios 2024-11-21 N/A 7.8 HIGH
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014.
CVE-2022-35720 3 Ibm, Linux, Microsoft 6 Aix, Linux On Ibm Z, Sterling External Authentication Server and 3 more 2024-11-21 N/A 2.3 LOW
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.
CVE-2022-35715 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2024-11-21 N/A 7.5 HIGH
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202.
CVE-2022-35637 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2024-11-21 N/A 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.
CVE-2022-34362 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more 2024-11-21 N/A 4.6 MEDIUM
IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523.
CVE-2022-34361 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more 2024-11-21 N/A 5.9 MEDIUM
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.
CVE-2022-34356 1 Ibm 2 Aix, Vios 2024-11-21 N/A 7.8 HIGH
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502.
CVE-2022-34336 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 N/A 5.4 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.
CVE-2022-34330 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2024-11-21 N/A 6.1 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229469.
CVE-2022-34165 6 Apple, Hp, Ibm and 3 more 9 Macos, Hp-ux, Aix and 6 more 2024-11-21 N/A 5.4 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.