Vulnerabilities > IBM > I2 Ibase
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-29868 | Insufficient Session Expiration vulnerability in IBM I2 Ibase 8.9.13/9.0.0 IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. | 5.5 |
| 2021-07-26 | CVE-2020-4623 | Uncontrolled Search Path Element vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. | 6.5 |
| 2020-10-30 | CVE-2020-4588 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 7.8 |
| 2020-10-30 | CVE-2020-4584 | Information Exposure Through an Error Message vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |