Show filters
1,202 Total Results
Displaying 171-180 of 1,202
Sort by:
Attacker Value
Unknown
CVE-2022-21935
Disclosure Date: June 14, 2022 (last updated February 23, 2025)
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.
0
Attacker Value
Unknown
CVE-2022-21937
Disclosure Date: June 14, 2022 (last updated February 23, 2025)
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.
0
Attacker Value
Unknown
CVE-2022-21938
Disclosure Date: June 14, 2022 (last updated February 23, 2025)
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
0
Attacker Value
Unknown
CVE-2022-22365
Disclosure Date: May 19, 2022 (last updated October 07, 2023)
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904.
0
Attacker Value
Unknown
CVE-2022-22475
Disclosure Date: May 16, 2022 (last updated October 07, 2023)
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.
0
Attacker Value
Unknown
CVE-2022-22393
Disclosure Date: May 12, 2022 (last updated October 07, 2023)
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078.
0
Attacker Value
Unknown
CVE-2022-29611
Disclosure Date: May 11, 2022 (last updated February 23, 2025)
SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
0
Attacker Value
Unknown
CVE-2022-29610
Disclosure Date: May 11, 2022 (last updated February 23, 2025)
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
0
Attacker Value
Unknown
CVE-2022-21934
Disclosure Date: May 05, 2022 (last updated February 23, 2025)
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
0
Attacker Value
Unknown
CVE-2021-36207
Disclosure Date: April 28, 2022 (last updated February 23, 2025)
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
0
