Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:-
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-41733 |
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. Published: January 20, 2023; 2:15:15 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2021-39089 |
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 216387. Published: January 20, 2023; 2:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2021-39011 |
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive information in log files that could be read by a privileged user. IBM X-Force ID: 213645. Published: January 20, 2023; 2:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2022-47929 |
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. Published: January 17, 2023; 4:15:14 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-22875 |
IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356. Published: January 17, 2023; 2:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-41858 |
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. Published: January 17, 2023; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2020-36611 |
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. Published: January 16, 2023; 9:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2022-40615 |
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. Published: January 11, 2023; 12:15:09 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-34335 |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705. Published: January 11, 2023; 12:15:09 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-4382 |
A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side. Published: January 10, 2023; 5:15:14 PM -0500 |
V4.0:(not available) V3.1: 6.4 MEDIUM V2.0:(not available) |
CVE-2022-43534 |
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Published: January 05, 2023; 2:15:13 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-34330 |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229469. Published: January 05, 2023; 2:15:09 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2022-22371 |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195. Published: January 05, 2023; 2:15:09 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-45052 |
A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient neutralisation of user input on the url parameter on the Proxy.type.php endpoint, external users are capable of accessing files on the server. Published: January 04, 2023; 2:15:09 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-45051 |
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the vulnerability. Published: January 04, 2023; 2:15:09 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2022-45049 |
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The url parameter on the novelist.php endpoint does not properly neutralise user input, resulting in the vulnerability. Published: January 04, 2023; 2:15:09 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2022-42264 |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service. Published: December 30, 2022; 6:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-42263 |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure. Published: December 30, 2022; 6:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2022-42262 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. Published: December 30, 2022; 6:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-42261 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. Published: December 30, 2022; 6:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |