Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2022-22412

    IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019.... Read more

    Affected Products : robotic_process_automation windows
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-22411

    IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016.... Read more

    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-22410

    IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service. IBM X-Force ID: 222763.... Read more

    Affected Products : watson_query
    • Published: Apr. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-22409

    IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592.... Read more

    Affected Products : linux_kernel aspera_faspex
    • Published: Sep. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2022-22405

    IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the m... Read more

    Affected Products : linux_kernel aspera_faspex
    • Published: Sep. 08, 2023
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-22404

    IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.... Read more

    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-22402

    IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session... Read more

    Affected Products : linux_kernel aspera_faspex
    • Published: Sep. 08, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-22401

    IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. IBM X-Force ID: 222567.... Read more

    Affected Products : linux_kernel aspera_faspex
    • Published: Sep. 08, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-22396

    Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials... Read more

    Affected Products : spectrum_protect_plus linux_kernel
    • Published: Jun. 06, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-22394

    The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthoriz... Read more

    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-22393

    IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server.... Read more

    Affected Products : websphere_application_server
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-22392

    IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.... Read more

    Affected Products : planning_analytics_workspace
    • Published: Apr. 25, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2022-22391

    IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.... Read more

    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-22390

    IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.... Read more

    Affected Products : linux_kernel db2 windows unix
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-22389

    IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.... Read more

    Affected Products : linux_kernel db2 windows unix
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2022-22386

    IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive inform... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-22385

    IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962. ... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2022-22384

    IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961. ... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2022-22380

    IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957. ... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-22377

    IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive informa... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 294848 Results