Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Aix
Total 701 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40231 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2023-12-10 N/A 8.8 HIGH
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.
CVE-2022-43578 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2023-12-10 N/A 5.4 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683.
CVE-2022-35646 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Security Verify Governance, Linux Kernel and 2 more 2023-12-10 N/A 5.3 MEDIUM
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.
CVE-2023-26281 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Http Server and 4 more 2023-12-10 N/A 7.5 HIGH
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
CVE-2022-41290 1 Ibm 2 Aix, Vios 2023-12-10 N/A 8.4 HIGH
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.
CVE-2023-24960 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2023-12-10 N/A 7.5 HIGH
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333
CVE-2022-34362 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more 2023-12-10 N/A 4.6 MEDIUM
IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523.
CVE-2023-23477 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2023-12-10 N/A 9.8 CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.
CVE-2022-43917 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2023-12-10 N/A 7.5 HIGH
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.
CVE-2022-38391 3 Ibm, Linux, Microsoft 4 Aix, Spectrum Control, Linux Kernel and 1 more 2023-12-10 N/A 7.5 HIGH
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982.
CVE-2022-47990 1 Ibm 2 Aix, Vios 2023-12-10 N/A 7.8 HIGH
IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556.
CVE-2022-43579 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2023-12-10 N/A 5.4 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.
CVE-2022-42444 3 Ibm, Linux, Microsoft 4 Aix, App Connect Enterprise, Linux Kernel and 1 more 2023-12-10 N/A 6.5 MEDIUM
IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.
CVE-2022-43875 2 Ibm, Linux 4 Aix, Financial Transaction Manager, Linux On Ibm Z and 1 more 2023-12-10 N/A 5.5 MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.
CVE-2023-24964 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2023-12-10 N/A 5.5 MEDIUM
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.
CVE-2022-43929 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-12-10 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.
CVE-2022-40232 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2023-12-10 N/A 8.8 HIGH
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.
CVE-2022-43848 1 Ibm 2 Aix, Vios 2023-12-10 N/A 6.2 MEDIUM
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.
CVE-2022-34361 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more 2023-12-10 N/A 7.5 HIGH
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.
CVE-2022-43872 2 Ibm, Linux 4 Aix, Financial Transaction Manager, Linux On Ibm Z and 1 more 2023-12-10 N/A 5.3 MEDIUM
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.