Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-38864 | Improper Certificate Validation vulnerability in IBM Security Verify Bridge IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. | 7.5 |
| 2021-09-21 | CVE-2021-29831 | XXE vulnerability in IBM products IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |
| 2021-09-16 | CVE-2021-29825 | Unspecified vulnerability in IBM DB2 11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. | 7.5 |
| 2021-09-15 | CVE-2021-29750 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.4.0 IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-31 | CVE-2021-29907 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Openpages With Watson IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. | 8.8 |
| 2021-08-30 | CVE-2021-29722 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-30 | CVE-2021-29723 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-26 | CVE-2021-29801 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. | 7.8 |
| 2021-08-23 | CVE-2021-29704 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0/38.2 IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-23 | CVE-2021-29802 | Improper Privilege Management vulnerability in IBM Resilient Security Orchestration Automation and Response IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |