Filtered by vendor Hp Subscriptions
Filtered by product Hp-ux Subscriptions
Total 469 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-31772 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 5.3 Medium
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
CVE-2022-28623 3 Hp, Hpe, Redhat 3 Hp-ux, Icewall Sso Certd, Enterprise Linux 2024-11-21 9.8 Critical
Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX.
CVE-2022-22483 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2024-11-21 6.5 Medium
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979.
CVE-2022-22478 6 Apple, Hp, Ibm and 3 more 7 Macos, Hp-ux, Aix and 4 more 2024-11-21 5.5 Medium
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886.
CVE-2022-22477 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 6.1 Medium
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605.
CVE-2022-22473 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 5.3 Medium
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347.
CVE-2022-22318 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Curam Social Program Management and 4 more 2024-11-21 9.8 Critical
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVE-2022-22317 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Curam Social Program Management and 4 more 2024-11-21 9.8 Critical
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
CVE-2022-22310 6 Apple, Hp, Ibm and 3 more 9 Macos, Hp-ux, Aix and 6 more 2024-11-21 6.5 Medium
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
CVE-2021-39087 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more 2024-11-21 6.5 Medium
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109.
CVE-2021-39086 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling File Gateway and 3 more 2024-11-21 5.3 Medium
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889.
CVE-2021-39085 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more 2024-11-21 9.8 Critical
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888.
CVE-2021-39048 4 Hp, Ibm, Linux and 1 more 6 Hp-ux, Aix, Spectrum Protect Backup-archive Client and 3 more 2024-11-21 5.5 Medium
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.
CVE-2021-39035 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more 2024-11-21 5.4 Medium
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965.
CVE-2021-39002 6 Hp, Ibm, Linux and 3 more 7 Hp-ux, Aix, Db2 and 4 more 2024-11-21 7.5 High
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVE-2021-38951 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 7.5 High
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 211405.
CVE-2021-38949 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 5.5 Medium
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.
CVE-2021-38931 6 Hp, Ibm, Linux and 3 more 7 Hp-ux, Aix, Db2 and 4 more 2024-11-21 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. IBM X-Force ID: 210418.
CVE-2021-38926 6 Hp, Ibm, Linux and 3 more 7 Hp-ux, Aix, Db2 and 4 more 2024-11-21 5.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 210321.
CVE-2021-29777 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2024-11-21 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.