7.8CVSS
7.7AI Score
0.0004EPSS
7CVSS
6.9AI Score
0.0004EPSS
7CVSS
6.9AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7CVSS
6.9AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
7.8CVSS
6.3AI Score
0.0004EPSS
7.8CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
8.5AI Score
0.0004EPSS
7.8CVSS
8.8AI Score
0.0004EPSS
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...
6.5CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
5.5CVSS
6.1AI Score
0.0004EPSS
7.8CVSS
8AI Score
0.0004EPSS
5.5CVSS
5.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
5.5CVSS
5.9AI Score
0.0004EPSS
7.3CVSS
7.5AI Score
0.0004EPSS
7CVSS
7.9AI Score
0.0005EPSS
5.5CVSS
6.1AI Score
0.0005EPSS
8.8CVSS
9.1AI Score
0.002EPSS
4.6CVSS
5.3AI Score
0.001EPSS
6.8CVSS
7.2AI Score
0.001EPSS
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0;...
7.8CVSS
5.5AI Score
0.0004EPSS
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before...
5.3CVSS
5.4AI Score
0.001EPSS
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This.....
7.1CVSS
6.7AI Score
0.0005EPSS
Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on Windows, Linux allows Server Side Request Forgery, Probe System Files. AppBuilder's XML processor is vulnerable to XML External Entity Processing (XXE), allowing an authenticated user to upload specially.....
6.5CVSS
6.3AI Score
0.0005EPSS
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating...
8.8CVSS
8.9AI Score
0.0005EPSS
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. ...
7.5CVSS
7.4AI Score
0.001EPSS
IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: ...
6.5CVSS
6.2AI Score
0.001EPSS
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: ...
6.5CVSS
6.2AI Score
0.001EPSS
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: ...
6.5CVSS
6.1AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: ...
7.5CVSS
6.9AI Score
0.001EPSS
IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force...
6.5CVSS
6.7AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 under certain circumstances could allow an authenticated user to the database to cause a denial of service when a statement is run on columnar tables. IBM X-Force ID: ...
6.5CVSS
6.2AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: ...
6.5CVSS
6.2AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: ...
7.5CVSS
7.2AI Score
0.001EPSS
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
8.8CVSS
8.4AI Score
0.001EPSS
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: ...
5.4CVSS
5.2AI Score
0.001EPSS
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
8.1CVSS
7.9AI Score
0.0005EPSS
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before...
7.5CVSS
7.5AI Score
0.001EPSS
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before...
7.5CVSS
7.5AI Score
0.001EPSS
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lead....
8.8CVSS
8.8AI Score
0.001EPSS
7.8CVSS
8AI Score
0.0005EPSS
7.8CVSS
8AI Score
0.0005EPSS
IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
7.2CVSS
5.8AI Score
0.0004EPSS
IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: .....
5.4CVSS
5AI Score
0.0004EPSS