Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 54 ms.

CVE-2022-40615: Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to SQL injection attack (CVE-2022-40615)

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208.

CVE
Open in Source
#sql#vulnerability#linux#ibm
CVE-2022-42438: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for user privilege escalation

IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.

CVE-2022-47983: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2022-47983)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 243161.

CVE-2023-30434: Security Bulletin: IBM Spectrum Scale is affected by a security vulnerability that can cause the kernel to panic (CVE-2023-30434)

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.

CVE-2023-32336: Security Bulletin: IBM InfoSphere Information Server is affected by a remote code execution vulnerability (CVE-2023-32336)

IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285.

CVE-2023-33849: Security Bulletin: "Administration Console can process body parameters that were submitted in the query" may affect IBM CICS TX Standard

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.

CVE-2022-22425: Security Bulletin: IBM InfoSphere Information Server is potentially vulnerable to CSV Injection (CVE-2022-22425)

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."

CVE-2022-34319: IBM CICS TX Advanced is vulnerable to an attacker decrypting highly sensitive information (CVE-2022-34319).

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463.

CVE-2022-34329: Security Bulletin: IBM CICS TX Advanced could allow an attacker to obtain sensitive information from HTTP response headers (CVE-2022-34329).

IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467.

CVE-2022-34314: IBM CICS TX Standard is vulnerable to allowing sensitive information to be disclosed due to insecure permission settings (CVE-2022-34314).

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450.