Filtered by vendor Linux Subscriptions
Filtered by product Linux Kernel Subscriptions
Total 10427 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-23477 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2025-03-25 8.1 High
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.
CVE-2022-42439 4 Ibm, Linux, Microsoft and 1 more 6 Aix, App Connect Enterprise, App Connect Enterprise Certified Container and 3 more 2025-03-25 6.8 Medium
IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.
CVE-2023-52429 2 Fedoraproject, Linux 2 Fedora, Linux Kernel 2025-03-25 5.5 Medium
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
CVE-2022-42444 3 Ibm, Linux, Microsoft 4 Aix, App Connect Enterprise, Linux Kernel and 1 more 2025-03-25 4.9 Medium
IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.
CVE-2021-39016 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 4.3 Medium
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.
CVE-2021-39028 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 5.4 Medium
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213866.
CVE-2021-39018 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 4.3 Medium
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726.
CVE-2021-39017 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 6.5 Medium
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725.
CVE-2021-39019 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 6.5 Medium
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728.
CVE-2021-39015 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-25 5.4 Medium
IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655.
CVE-2023-23475 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-03-25 4.6 Medium
IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245423.
CVE-2022-42436 4 Ibm, Linux, Microsoft and 1 more 7 Aix, I, Linux On Ibm Z and 4 more 2025-03-25 4 Medium
IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206.
CVE-2022-35720 3 Ibm, Linux, Microsoft 6 Aix, Linux On Ibm Z, Sterling External Authentication Server and 3 more 2025-03-25 2.3 Low
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.
CVE-2022-43869 2 Ibm, Linux 3 Elastic Storage System, Spectrum Scale, Linux Kernel 2025-03-25 6.5 Medium
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539.
CVE-2022-42438 2 Ibm, Linux 2 Cloud Pak For Multicloud Management Monitoring, Linux Kernel 2025-03-25 7.5 High
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.
CVE-2022-34362 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more 2025-03-24 4.6 Medium
IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523.
CVE-2023-0575 4 Apple, Linux, Microsoft and 1 more 5 Iphone Os, Macos, Linux Kernel and 2 more 2025-03-24 7.2 High
External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py. This issue affects Yugabyte DB: Lesser then 2.2.0.0
CVE-2024-5591 3 Ibm, Linux, Microsoft 3 Jazz Foundation, Linux Kernel, Windows 2025-03-21 4.3 Medium
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2024-41780 3 Ibm, Linux, Microsoft 3 Jazz Foundation, Linux Kernel, Windows 2025-03-21 4.2 Medium
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry.
CVE-2024-41768 3 Ibm, Linux, Microsoft 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more 2025-03-21 6.5 Medium
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state.