Vulnerabilities > IBM > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-15 | CVE-2019-4012 | SQL Injection vulnerability in IBM products IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. | 9.8 |
| 2019-04-10 | CVE-2019-4013 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. | 9.9 |
| 2019-04-10 | CVE-2018-1994 | SQL Injection vulnerability in IBM products IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. | 9.8 |
| 2019-04-08 | CVE-2019-4155 | Unspecified vulnerability in IBM API Connect IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. | 9.8 |
| 2019-03-05 | CVE-2019-4032 | SQL Injection vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. | 9.8 |
| 2019-02-21 | CVE-2018-1944 | Use of Hard-coded Credentials vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2019-02-15 | CVE-2019-4059 | Insufficiently Protected Credentials vulnerability in IBM Rational Clearcase IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. | 9.8 |
| 2019-02-15 | CVE-2018-1727 | XXE vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 9.1 |
| 2019-02-07 | CVE-2019-4008 | Information Exposure Through Log Files vulnerability in IBM API Connect API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. | 9.8 |
| 2019-01-14 | CVE-2018-1969 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.0.0 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. | 9.9 |