• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-22404
2022-04-08
N/A
6.5 MEDIUM
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.
CVE-2022-2240
2022-07-29
N/A
8.8 HIGH
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it
CVE-2022-22396
Ibm, Spectrum Protect Plus
Aix, Z/os, Db2, Spectrum_protect, Open_power, Power_system_8335-gth, Power_system_8335-gtx, Power_system_8335-gtc, Power_system_8335-gtg, Power_system_8335-gtw
2022-06-14
N/A
7.5 HIGH
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are not printed. IBM X-Force ID: 222231.
CVE-2022-22394
Ibm, Spectrum Protect
Aix, Z/os, Db2, Spectrum_protect, Open_power, Power_system_8335-gth, Power_system_8335-gtx, Power_system_8335-gtc, Power_system_8335-gtg, Power_system_8335-gtw
2022-03-28
N/A
8.8 HIGH
The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.
CVE-2022-22393
2022-05-23
N/A
6.5 MEDIUM
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078.
CVE-2022-22392
2022-05-05
N/A
7.8 HIGH
IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.
CVE-2022-22391
2022-04-23
N/A
4.3 MEDIUM
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.
CVE-2022-22390
Opengroup, Unix
Unix
2022-10-28
N/A
7.5 HIGH
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.
CVE-2022-2239
2022-07-29
N/A
4.8 MEDIUM
The Request a Quote WordPress plugin through 2.3.7 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2022-22389
Opengroup, Unix
Unix
2022-10-28
N/A
6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.
« Previous 1 … 10,675 10,676 10,677 10,678 10,679 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE