Export limit exceeded: 81160 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81160 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-38930 | 1 Ibm | 2 System Storage Ds8000 Management Console, System Storage Ds8000 Management Console Firmware | 2024-11-21 | 7.5 High |
| IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210331. | ||||
| CVE-2021-38929 | 1 Ibm | 2 System Storage Ds8000 Management Console, System Storage Ds8000 Management Console Firmware | 2024-11-21 | 7.5 High |
| IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210330. | ||||
| CVE-2021-38927 | 3 Ibm, Linux, Microsoft | 3 Aspera Console, Linux Kernel, Windows | 2024-11-21 | 7.2 High |
| IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322. | ||||
| CVE-2021-38925 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 7.5 High |
| IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171. | ||||
| CVE-2021-38924 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2024-11-21 | 7.5 High |
| IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163. | ||||
| CVE-2021-38921 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | 7.5 High |
| IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067. | ||||
| CVE-2021-38919 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021 | ||||
| CVE-2021-38918 | 1 Ibm | 1 Powervm Hypervisor | 2024-11-21 | 7.5 High |
| IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. IBM X-Force ID: 210019. | ||||
| CVE-2021-38891 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Sterling Connect\, Linux Kernel and 2 more | 2024-11-21 | 7.5 High |
| IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508. | ||||
| CVE-2021-38890 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Sterling Connect\, Linux Kernel and 2 more | 2024-11-21 | 7.5 High |
| IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 209507. | ||||
| CVE-2021-38886 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 8.8 High |
| IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399. | ||||
| CVE-2021-38878 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756. | ||||
| CVE-2021-38873 | 1 Ibm | 1 Planning Analytics | 2024-11-21 | 7.8 High |
| IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396. | ||||
| CVE-2021-38872 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 7.5 High |
| IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348. | ||||
| CVE-2021-38864 | 1 Ibm | 1 Security Verify Bridge | 2024-11-21 | 7.5 High |
| IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. IBM X-Force ID: 208155. | ||||
| CVE-2021-38862 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 7.5 High |
| IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980. | ||||
| CVE-2021-38847 | 1 S-cart | 1 S-cart | 2024-11-21 | 8.8 High |
| S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file. | ||||
| CVE-2021-38841 | 1 Simple Water Refilling Station Management System Project | 1 Simple Water Refilling Station Management System | 2024-11-21 | 8.8 High |
| Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action. | ||||
| CVE-2021-38834 | 1 Easy-mock Project | 1 Easy Mock | 2024-11-21 | 8.8 High |
| easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code. | ||||
| CVE-2021-38789 | 1 Allwinnertech | 2 Android Q Sdk, R818 | 2024-11-21 | 7.5 High |
| Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings. | ||||