Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Filtered by product Linux Kernel
Total 7714 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20557 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2024-11-21 9.0 HIGH 7.2 HIGH
IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 199184.
CVE-2021-20552 3 Ibm, Linux, Microsoft 4 Aix, Sterling File Gateway, Linux Kernel and 1 more 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170.
CVE-2021-20551 3 Ibm, Linux, Microsoft 3 Jazz Team Server, Linux Kernel, Windows 2024-11-21 2.1 LOW 3.3 LOW
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.
CVE-2021-20550 3 Ibm, Linux, Microsoft 4 Aix, Content Navigator, Linux Kernel and 1 more 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199168.
CVE-2021-20549 3 Ibm, Linux, Microsoft 4 Aix, Content Navigator, Linux Kernel and 1 more 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199167.
CVE-2021-20544 3 Ibm, Linux, Microsoft 3 Jazz Team Server, Linux Kernel, Windows 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931.
CVE-2021-20543 3 Ibm, Linux, Microsoft 3 Jazz Team Server, Linux Kernel, Windows 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929.
CVE-2021-20515 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Informix Dynamic Server and 3 more 2024-11-21 4.6 MEDIUM 6.7 MEDIUM
IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366.
CVE-2021-20490 2 Ibm, Linux 2 Spectrum Protect Plus, Linux Kernel 2024-11-21 2.1 LOW 5.5 MEDIUM
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791.
CVE-2021-20488 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Security Identity Manager, Linux Kernel and 2 more 2024-11-21 3.5 LOW 6.5 MEDIUM
IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789.
CVE-2021-20486 3 Ibm, Linux, Redhat 3 Cloud Pak For Data, Linux Kernel, Enterprise Linux 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.
CVE-2021-20483 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Security Identity Manager, Linux Kernel and 2 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197591.
CVE-2021-20480 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197502.
CVE-2021-20448 3 Ibm, Linux, Microsoft 4 Aix, Content Navigator, Linux Kernel and 1 more 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196624.
CVE-2021-20446 3 Ibm, Linux, Microsoft 3 Maximo For Civil Infrastructure, Linux Kernel, Windows 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622.
CVE-2021-20445 3 Ibm, Linux, Microsoft 3 Maximo For Civil Infrastructure, Linux Kernel, Windows 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. IBM X-Force ID: 196621.
CVE-2021-20444 3 Ibm, Linux, Microsoft 3 Maximo For Civil Infrastructure, Linux Kernel, Windows 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196620.
CVE-2021-20443 3 Ibm, Linux, Microsoft 3 Maximo For Civil Infrastructure, Linux Kernel, Windows 2024-11-21 6.5 MEDIUM 8.8 HIGH
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.
CVE-2021-20433 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345.
CVE-2021-20432 2 Ibm, Linux 2 Spectrum Protect Plus, Linux Kernel 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344.