Busca de CVEs

362.810 resultados
CVE-2026-11806HIGHIBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerabilityEPSS 0.5%CVE-2026-11906MEDIUMIBM® Db2® federated server is vulnerable to a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns by autheticated userEPSS 0.4%CVE-2026-12084MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Permissive Cross-domain Security Policy with Untrusted DomainsEPSS 0.1%CVE-2026-12085MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerabilityEPSS 0.2%CVE-2026-12086MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Insertion of Sensitive Information into Log File VulnerabilityEPSS 0.1%CVE-2026-13449HIGHXXE attack in IBM Business Automation Manager Open EditionsEPSS 0.4%CVE-2026-13759HIGHIBM WebSphere eXtreme Scale is affected by Insecure DeserilizationEPSS 0.3%CVE-2026-13772HIGHIBM WebSphere eXtreme Scale's OQL is affected by remote code executionEPSS 0.3%CVE-2026-13773MEDIUMIBM WebSphere eXtreme Scale is affected by server side request forgery when ORB is used as Transport ProtocolEPSS 3.0%CVE-2026-3602MEDIUMIBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injectionEPSS 0.2%CVE-2026-7663CRITICALUnauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization BypassEPSS 0.2%CVE-2026-7803CRITICALFlow Validation Bypass via Empty Component Type FieldEPSS 0.4%CVE-2026-7871CRITICALInsecure Deserialization in Redis Cache BackendEPSS 0.4%CVE-2026-7873CRITICALCode Injection Vulnerability in Code Validation EndpointEPSS 0.3%CVE-2026-7874CRITICALWeak Cryptographic Key Derivation Exposed All Stored CredentialsEPSS 0.2%CVE-2026-9002MEDIUMIBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabledEPSS 0.3%CVE-2026-9836LOWIBM DataStage Flow Designer application is affected by an information disclosure vulnerabilityEPSS 0.2%CVE-2026-58138CRITICALOrkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script EvaluatorsEPSS 0.9%CVE-2026-10513HIGHWebmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' Author PropertiesEPSS 0.2%CVE-2026-10655MEDIUMUse-after-free race in SNTP async client when closing the socket while the socket service is still polling itEPSS 0.2%