Vulnerabilities > IBM > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-1376 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Operations Analytics Predictive Insights A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. | 9.8 |
| 2017-08-02 | CVE-2017-1383 | XXE vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 9.1 |
| 2017-07-13 | CVE-2016-8964 | 7PK - Security Features vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2017-07-05 | CVE-2017-1253 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 9.9 |
| 2017-07-05 | CVE-2017-1175 | SQL Injection vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection. | 9.8 |
| 2017-07-05 | CVE-2017-1269 | SQL Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. | 9.8 |
| 2017-06-15 | CVE-2017-1197 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70 IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2017-06-08 | CVE-2016-6093 | Credentials Management vulnerability in IBM products IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 9.8 |
| 2017-06-07 | CVE-2017-1196 | Weak Password Requirements vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70 IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 9.8 |
| 2017-06-07 | CVE-2016-6087 | Improper Input Validation vulnerability in IBM Domino IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. | 9.8 |