VYPR

Vendor CVEs

IBM

All CVEs

8,287 total · sorted by risk
  • CVE-2021-38989MedMar 7, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951.

  • CVE-2021-38988MedMar 7, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950.

  • CVE-2022-22350MedMar 2, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 220394.

  • CVE-2021-38996MedMar 2, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213076.

  • CVE-2022-22321MedMar 1, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that provides insufficient protection. IBM X-Force ID: 218368.

  • CVE-2020-4925MedMar 1, 2022
    risk 0.36cvss 5.5epss 0.00

    A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599.

  • CVE-2021-38993MedFeb 25, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the smbcd daemon to cause a denial of service. IBM X-Force ID: 212962.

  • CVE-2021-38995MedFeb 24, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213073.

  • CVE-2021-38994MedFeb 24, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213072.

  • CVE-2021-39032MedJan 14, 2022
    risk 0.36cvss 5.5epss 0.00

    IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 213962.

  • CVE-2021-39048MedDec 13, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.

  • CVE-2021-38901MedDec 13, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.

  • CVE-2021-38926MedDec 9, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 210321.

  • CVE-2021-39000MedNov 30, 2021
    risk 0.36cvss 5.5epss 0.01

    IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. IBM X-Force ID: 213215.

  • CVE-2021-38999MedNov 30, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.

  • CVE-2021-38958MedNov 30, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue. IBM X-Force ID: 212042

  • CVE-2021-38959MedNov 17, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046.

  • CVE-2021-38949MedNov 16, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.

  • CVE-2021-38976MedNov 15, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. X-Force ID: 212781.

  • CVE-2021-29868MedOct 27, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213.

  • CVE-2021-29906MedOct 8, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.

  • CVE-2021-29904MedSep 23, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610.

  • CVE-2021-38863MedSep 23, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154.

  • CVE-2021-20435MedSep 23, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355.

  • CVE-2021-29862MedAug 26, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 206086.

  • CVE-2021-29727MedAug 26, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 201106.

  • CVE-2021-20490MedJun 29, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791.

  • CVE-2021-20546MedApr 26, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934

  • CVE-2020-4944MedMar 30, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944.

  • CVE-2020-4884MedMar 30, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908.

  • CVE-2020-4891MedMar 16, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974.

  • CVE-2020-4851MedMar 16, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.

  • CVE-2020-4717MedMar 10, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create symbolic link permission to write arbitrary file in another protected path during product installation. IBM X-Force ID: 187727.

  • CVE-2021-20408MedFeb 12, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.

  • CVE-2020-4996MedFeb 9, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913.

  • CVE-2020-4832MedFeb 5, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969.

  • CVE-2020-4887MedJan 20, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.

  • CVE-2020-4871MedJan 19, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.

  • CVE-2020-5017MedJan 8, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653.

  • CVE-2020-4642MedDec 23, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service".

  • CVE-2020-4900MedNov 30, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991.

  • CVE-2020-4568MedNov 10, 2020
    risk 0.36cvss 5.5epss 0.01

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184157.

  • CVE-2020-4756MedOct 20, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial…

  • CVE-2020-4491MedOct 20, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991.

  • CVE-2020-4528MedOct 6, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.

  • CVE-2020-4492MedAug 31, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. IBM X-Force ID: 181992.

  • CVE-2020-4382MedAug 24, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment or upgrade pertaining to xcat services. IBM X-Force ID: 179163.

  • CVE-2020-4631MedAug 4, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372.

  • CVE-2019-4731MedJul 28, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616.

  • CVE-2020-4369MedJul 22, 2020
    risk 0.36cvss 5.5epss 0.00

    IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive information in cleartext that could be obtained by a user. IBM X-Force ID: 179004.

Page 46 of 166