Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-08 | CVE-2022-22465 | Unspecified vulnerability in IBM Security Verify Access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. | 7.8 |
| 2022-07-08 | CVE-2022-22476 | Authentication Bypass by Spoofing vulnerability in IBM Open Liberty and Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. | 8.8 |
| 2022-06-30 | CVE-2021-38941 | Unspecified vulnerability in IBM Cloud PAK for Multicloud Management Monitoring 2.0.0/2.3.0 IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. | 8.1 |
| 2022-06-30 | CVE-2022-22472 | Improper Preservation of Permissions vulnerability in IBM Spectrum Protect Plus Container Backup and Restore 10.1.10.2/10.1.5/10.1.7 IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. | 8.8 |
| 2022-06-30 | CVE-2022-22474 | Unspecified vulnerability in IBM Spectrum Protect Client IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. | 7.5 |
| 2022-06-24 | CVE-2022-22390 | Improper Privilege Management vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. | 7.5 |
| 2022-06-10 | CVE-2022-22479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-06-07 | CVE-2020-36529 | Command Injection vulnerability in IBM Sevone Network Performance Management A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. | 8.8 |
| 2022-06-07 | CVE-2020-36530 | SQL Injection vulnerability in IBM Sevone Network Performance Management A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. | 8.8 |
| 2022-06-07 | CVE-2020-36531 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Sevone Network Performance Management A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. | 8.8 |