U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:ibm:aix:-:*:*:*:*:*:x86:*
  • CPE Name Search: true
There are 332 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2022-41291

IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.

Published: October 07, 2022; 1:15:10 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-36772

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.

Published: October 07, 2022; 1:15:10 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-40748

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236586.

Published: September 23, 2022; 2:15:11 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-35721

IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231380.

Published: September 23, 2022; 2:15:10 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-22423

IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.

Published: September 23, 2022; 2:15:10 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-35637

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.

Published: September 13, 2022; 5:15:09 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-34336

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.

Published: September 13, 2022; 5:15:09 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-22483

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979.

Published: September 13, 2022; 5:15:09 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-34165

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.

Published: September 09, 2022; 12:15:08 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2021-39087

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109.

Published: August 16, 2022; 3:15:08 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2021-39086

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889.

Published: August 16, 2022; 3:15:08 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2021-39085

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888.

Published: August 16, 2022; 3:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2021-39035

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965.

Published: August 16, 2022; 3:15:08 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-35715

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202.

Published: August 10, 2022; 1:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-22477

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605.

Published: July 14, 2022; 1:15:08 PM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-22473

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347.

Published: July 14, 2022; 1:15:08 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2022-22373

An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323.

Published: July 01, 2022; 2:15:08 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 5.5 MEDIUM
CVE-2022-22496

While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.

Published: June 30, 2022; 1:15:07 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2022-22494

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.

Published: June 30, 2022; 1:15:07 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2022-22487

An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326.

Published: June 30, 2022; 1:15:07 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 5.0 MEDIUM