Filtered by vendor Linux
Subscribe
Total
10330 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22489 | 3 Ibm, Linux, Microsoft | 3 Mq, Linux Kernel, Windows | 2024-11-21 | N/A | 9.1 CRITICAL |
| IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339. | |||||
| CVE-2022-22487 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect Server, Linux Kernel and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326. | |||||
| CVE-2022-22485 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect Operations Center, Linux Kernel and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325. | |||||
| CVE-2022-22484 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect, Linux Kernel and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322. | |||||
| CVE-2022-22483 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. | |||||
| CVE-2022-22480 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
| IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. | |||||
| CVE-2022-22479 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887. | |||||
| CVE-2022-22478 | 6 Apple, Hp, Ibm and 3 more | 7 Macos, Hp-ux, Aix and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886. | |||||
| CVE-2022-22477 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | N/A | 6.1 MEDIUM |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605. | |||||
| CVE-2022-22473 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347. | |||||
| CVE-2022-22472 | 2 Ibm, Linux | 2 Spectrum Protect Plus Container Backup And Restore, Linux Kernel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340. | |||||
| CVE-2022-22462 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | N/A | 3.7 LOW |
| IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078. | |||||
| CVE-2022-22460 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013. | |||||
| CVE-2022-22454 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server On Cloud, Linux Kernel and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | |||||
| CVE-2022-22453 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919. | |||||
| CVE-2022-22452 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918. | |||||
| CVE-2022-22450 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-11-21 | N/A | 3.8 LOW |
| IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916. | |||||
| CVE-2022-22426 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718. | |||||
| CVE-2022-22424 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. | |||||
| CVE-2022-22411 | 2 Ibm, Linux | 2 Spectrum Scale Data Access Services, Linux Kernel | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016. | |||||