Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-05 | CVE-2016-0238 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. | 3.7 |
| 2017-06-29 | CVE-2017-1310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. | 6.5 |
| 2017-06-28 | CVE-2017-1106 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-27 | CVE-2017-1328 | Unspecified vulnerability in IBM API Connect IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. | 5.3 |
| 2017-06-27 | CVE-2017-1322 | XXE vulnerability in IBM API Connect IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
| 2017-06-27 | CVE-2017-1297 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. | 7.3 |
| 2017-06-27 | CVE-2017-1234 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-27 | CVE-2017-1105 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. | 7.1 |
| 2017-06-27 | CVE-2016-9972 | Permissions, Privileges, and Access Controls vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-06-27 | CVE-2016-9738 | 7PK - Security Features vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |