CVSS: 7.8EPSS: 0%CPEs: 77EXPL: 0CVE-2022-28638
https://notcve.org/view.php?id=CVE-2022-28638
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities. Se ha detectado una divulgación local aislada de información y una posible vulnerabilidad local aislada de ejecución de código arbitrario que podría conllevar a una pérdida de confidencialidad, integridad y disponibilidad en HPE Integrated Lights-Out 5 (iLO 5), en Versión: 2.71, . Hewlett Packard Enterprise ha proporcionado un firmware actualizado para HPE Integrated Lights-Out 5 (iLO 5) que aborda estas vulnerabilidades de seguridad • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04365en_us •
CVSS: 8.8EPSS: 0%CPEs: 77EXPL: 0CVE-2022-28640
https://notcve.org/view.php?id=CVE-2022-28640
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses this security vulnerability. Se ha detectado una potencial vulnerabilidad de ejecución de código arbitrario local adyacente que podría conllevar a una pérdida de confidencialidad, integridad y disponibilidad en HPE Integrated Lights-Out 5 (iLO 5) en versión: 2.71. Hewlett Packard Enterprise ha proporcionado un firmware actualizado para HPE Integrated Lights-Out 5 (iLO 5) que aborda esta vulnerabilidad de seguridad • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04365en_us •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-35637
https://notcve.org/view.php?id=CVE-2022-35637
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una denegación de servicio tras introducir una sentencia SQL malformada en la herramienta Db2expln. IBM X-Force ID: 230823 • https://exchange.xforce.ibmcloud.com/vulnerabilities/230823 https://security.netapp.com/advisory/ntap-20230921-0003 https://www.ibm.com/support/pages/node/6618775 •
CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0CVE-2022-34336
https://notcve.org/view.php?id=CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714. IBM WebSphere Application Server versiones 7.0, 8.0, 8.5 y 9.0 es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista y conllevando potencialmente a una divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229714 https://www.ibm.com/support/pages/node/6619699 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2022-22483
https://notcve.org/view.php?id=CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. IBM Db2 para Linux, UNIX y Windows versiones 9.7, 10.1, 10.5, 11.1 y 11.5, es vulnerable a una divulgación de información en algunos escenarios debido a un acceso no autorizado causado por una administración de privilegios inapropiada cuando es usado el comando CREATE OR REPLACE. IBM X-Force ID: 225979 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225979 https://security.netapp.com/advisory/ntap-20230921-0004 https://www.ibm.com/support/pages/node/6618779 • CWE-269: Improper Privilege Management •