cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2023-35019,https://securityvulnerability.io/vulnerability/CVE-2023-35019,IBM Security Verify Governance command execution,"IBM Security Verify Governance and Identity Manager 10.0 are susceptible to a vulnerability that allows remote authenticated attackers to execute arbitrary commands. By sending specially crafted requests, attackers can manipulate system operations, potentially leading to unauthorized actions and compromising system integrity. Users of these products should take immediate action to apply security updates and prevent exploitation.",IBM,"Security Verify Governance, Identity Manager",7.2,HIGH,0.0012600000482052565,false,,false,false,false,,,false,false,,2023-07-31T01:15:00.000Z,0 CVE-2023-35016,https://securityvulnerability.io/vulnerability/CVE-2023-35016,IBM Security Verify Governance path traversal,"IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing ""dot dot"" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772.",IBM,"Security Verify Governance, Identity Manager",6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-07-31T01:15:00.000Z,0 CVE-2022-22449,https://securityvulnerability.io/vulnerability/CVE-2022-22449,"IBM Security Verify Governance, Identity Manager information disclosure","IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915.",IBM,"Security Verify Governance, Identity Manager",5.3,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2022-12-22T21:26:07.329Z,0 CVE-2022-22457,https://securityvulnerability.io/vulnerability/CVE-2022-22457,"IBM Security Verify Governance, Identity Manager information disclosure","IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.",IBM,"Security Verify Governance, Identity Manager",5.3,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-12-22T21:20:51.390Z,0 CVE-2022-22458,https://securityvulnerability.io/vulnerability/CVE-2022-22458,"IBM Security Verify Governance, Identity Manager information disclosure"," IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009. ",IBM,"Security Verify Governance, Identity Manager",6.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-12-22T21:14:32.564Z,0 CVE-2022-22456,https://securityvulnerability.io/vulnerability/CVE-2022-22456,"IBM Security Verify Governance, Identity Manager cross-site scripting"," IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225004. ",IBM,"Security Verify Governance, Identity Manager",4.2,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-12-22T21:08:16.555Z,0 CVE-2022-22461,https://securityvulnerability.io/vulnerability/CVE-2022-22461,"IBM Security Verify Governance, Identity Manager information disclosure "," IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007. ",IBM,"Security Verify Governance, Identity Manager",5.9,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2022-12-22T19:39:32.078Z,0 CVE-2022-35646,https://securityvulnerability.io/vulnerability/CVE-2022-35646,"IBM Security Verify Governance, Identity Manager security bypass"," IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.  ",IBM,"Security Verify Governance, Identity Manager",5.9,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2022-12-22T19:08:08.335Z,0