Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39006 | 2 Ibm, Linux | 2 Qradar Wincollect, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549.
|
|||||
| CVE-2021-38996 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213076.
|
|||||
| CVE-2021-38995 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213073.
|
|||||
| CVE-2021-38994 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213072.
|
|||||
| CVE-2021-38993 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the smbcd daemon to cause a denial of service. IBM X-Force ID: 212962.
|
|||||
| CVE-2021-38991 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could lead to code execution. IBM X-Force ID: 212953.
|
|||||
| CVE-2021-38990 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.
|
|||||
| CVE-2021-38989 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951.
|
|||||
| CVE-2021-38988 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950.
|
|||||
| CVE-2021-38975 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 212780.
|
|||||
| CVE-2021-38974 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to cause a denial of service using specially crafted HTTP requests. IBM X-Force ID: 212779.
|
|||||
| CVE-2021-38971 | 1 Ibm | 1 Data Virtualization On Cloud Pak For Data | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.
|
|||||
| CVE-2021-38958 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue. IBM X-Force ID: 212042
|
|||||
| CVE-2021-38955 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a denial of service due to a file creation vulnerability in the audit commands. IBM X-Force ID: 211825.
|
|||||
| CVE-2021-38954 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system. IBM X-Force ID: 211414.
|
|||||
| CVE-2021-38951 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 211405.
|
|||||
| CVE-2021-38950 | 1 Ibm | 1 Mq For Hpe Nonstop | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. IBM X-ForceID: 211404.
|
|||||
| CVE-2021-38941 | 2 Ibm, Linux | 2 Cloud Pak For Multicloud Management Monitoring, Linux Kernel | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048.
|
|||||
| CVE-2021-38937 | 1 Ibm | 1 Powervm Hypervisor | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
|
IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894.
|
|||||
| CVE-2021-38936 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | N/A | 4.9 MEDIUM |
|
IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.
|
|||||
| CVE-2021-38930 | 1 Ibm | 2 System Storage Ds8000 Management Console, System Storage Ds8000 Management Console Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210331.
|
|||||
| CVE-2021-38929 | 1 Ibm | 2 System Storage Ds8000 Management Console, System Storage Ds8000 Management Console Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210330.
|
|||||
| CVE-2021-38928 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | N/A | 5.4 MEDIUM |
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 210323.
|
|||||
| CVE-2021-38926 | 6 Hp, Ibm, Linux and 3 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 210321.
|
|||||
| CVE-2021-38923 | 1 Ibm | 2 Powervm Hypervisor, Powervm Hypervisor Firmware | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
|
IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs. IBM X-Force ID: 210162.
|
|||||
| CVE-2021-38919 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021
|
|||||
| CVE-2021-38918 | 1 Ibm | 1 Powervm Hypervisor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. IBM X-Force ID: 210019.
|
|||||
| CVE-2021-38917 | 1 Ibm | 1 Powervm Hypervisor | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
|
IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018.
|
|||||
| CVE-2021-38905 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697.
|
|||||
| CVE-2021-38904 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings. IBM X-Force ID: 209693.
|
|||||
| CVE-2021-38899 | 1 Ibm | 1 Cloud Pak For Data | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575.
|
|||||
| CVE-2021-38887 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information from application response requests that could be used in further attacks against the system. IBM X-Force ID: 209401.
|
|||||
| CVE-2021-38882 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. IBM X-Force ID: 209164.
|
|||||
| CVE-2021-38875 | 1 Ibm | 1 Mq | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 208398.
|
|||||
| CVE-2021-38874 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.
|
|||||
| CVE-2021-38872 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348.
|
|||||
| CVE-2021-38859 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2024-11-21 | N/A | 4.3 MEDIUM |
|
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899.
|
|||||
| CVE-2021-38834 | 1 Easy-mock Project | 1 Easy Mock | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code.
|
|||||
| CVE-2021-38788 | 1 Allwinnertech | 2 Android Q Sdk, R818 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. Malicious apps can use the interface provided by the service to set the number of applications allowed to run in the background to 0 and add themselves to the whitelist, so that once other applications enter the background, they will be forcibly stopped by the system, causing a denial of service.
|
|||||
| CVE-2021-38672 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Windows Hyper-V Remote Code Execution Vulnerability
|
|||||