Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-39002

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.... Read more

    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2021-39000

    IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. IBM X-Force ID: 213215.... Read more

    Affected Products : mq_appliance
    • Published: Nov. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38999

    IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.... Read more

    Affected Products : mq_appliance
    • Published: Nov. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-38997

    IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct vari... Read more

    Affected Products : api_connect
    • Published: Dec. 12, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38996

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213076.... Read more

    Affected Products : aix vios
    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38995

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213073.... Read more

    Affected Products : aix vios
    • Published: Feb. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38994

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213072.... Read more

    Affected Products : aix vios
    • Published: Feb. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38993

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the smbcd daemon to cause a denial of service. IBM X-Force ID: 212962.... Read more

    Affected Products : aix vios
    • Published: Feb. 25, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-38991

    IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could lead to code execution. IBM X-Force ID: 212953.... Read more

    Affected Products : aix vios
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-38990

    IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.... Read more

    Affected Products : aix vios
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38989

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951.... Read more

    Affected Products : aix vios
    • Published: Mar. 07, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-38988

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950.... Read more

    Affected Products : aix vios
    • Published: Mar. 07, 2022
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2021-38986

    IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 212942.... Read more

    Affected Products : mq mq_appliance
    • Published: Mar. 01, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-38985

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.... Read more

    • Published: Nov. 12, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-38984

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793.... Read more

    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-38983

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212792.... Read more

    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-38982

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials d... Read more

    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-38981

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the syste... Read more

    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-38980

    IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information coul... Read more

    • Published: Nov. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-38979

    IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input. IBM X-Force ID: 212785.... Read more

    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results