Total
10526 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26639 | 2 Linux, Wisa | 2 Linux Kernel, Smart Wing Cms | 2022-08-24 | N/A | 7.5 HIGH |
| This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system. | |||||
| CVE-2022-22489 | 3 Ibm, Linux, Microsoft | 3 Mq, Linux Kernel, Windows | 2022-08-22 | N/A | 9.1 CRITICAL |
| IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339. | |||||
| CVE-2022-2075 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2022-08-20 | N/A | 7.5 HIGH |
| In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation. | |||||
| CVE-2022-2049 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2022-08-20 | N/A | 7.5 HIGH |
| In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function. | |||||
| CVE-2022-2074 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2022-08-20 | N/A | 7.5 HIGH |
| In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template. | |||||
| CVE-2022-30532 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2022-08-18 | N/A | 5.3 MEDIUM |
| In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy. | |||||
| CVE-2021-39086 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling File Gateway and 3 more | 2022-08-17 | N/A | 5.3 MEDIUM |
| IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889. | |||||
| CVE-2021-39087 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 6.5 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109. | |||||
| CVE-2021-39085 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 9.8 CRITICAL |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888. | |||||
| CVE-2021-39035 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2022-08-17 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. | |||||
| CVE-2022-38221 | 3 Linux, Microsoft, The Isle Evrima Project | 3 Linux Kernel, Windows, The Isle Evrima | 2022-08-17 | N/A | 9.8 CRITICAL |
| A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code. | |||||
| CVE-1999-0195 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2022-08-17 | 5.0 MEDIUM | N/A |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||||
| CVE-1999-0171 | 1 Linux | 1 Linux Kernel | 2022-08-17 | 2.1 LOW | N/A |
| Denial of service in syslog by sending it a large number of superfluous messages. | |||||
| CVE-1999-0165 | 3 Bsdi, Linux, Sun | 5 Bsd Os, Linux Kernel, Nfs and 2 more | 2022-08-17 | 10.0 HIGH | N/A |
| NFS cache poisoning. | |||||
| CVE-1999-0461 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2022-08-17 | 10.0 HIGH | N/A |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2022-08-17 | 5.0 MEDIUM | N/A |
| The rwho/rwhod service is running, which exposes machine status and user information. | |||||
| CVE-1999-0317 | 1 Linux | 1 Linux Kernel | 2022-08-17 | 7.2 HIGH | N/A |
| Buffer overflow in Linux su command gives root access to local users. | |||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2022-08-17 | 3.7 LOW | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
| CVE-1999-0414 | 1 Linux | 1 Linux Kernel | 2022-08-17 | 5.0 MEDIUM | N/A |
| In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. | |||||
| CVE-1999-0431 | 1 Linux | 1 Linux Kernel | 2022-08-17 | 5.0 MEDIUM | N/A |
| Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. | |||||