Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-25 | CVE-2020-4609 | Classic Buffer Overflow vulnerability in IBM Security Verify Privilege Manager IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. | 7.8 |
| 2021-06-25 | CVE-2020-4610 | Improper Validation of Integrity Check Value vulnerability in IBM Security Verify Privilege Manager IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. | 7.8 |
| 2021-06-24 | CVE-2020-4945 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. | 8.1 |
| 2021-06-24 | CVE-2021-29703 | Unspecified vulnerability in IBM DB2 Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. | 7.5 |
| 2021-06-17 | CVE-2021-29706 | Unspecified vulnerability in IBM AIX 7.1.0 IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. | 7.1 |
| 2021-06-16 | CVE-2021-20566 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-06-16 | CVE-2021-29702 | Injection vulnerability in IBM DB2 Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. | 7.5 |
| 2021-06-11 | CVE-2021-29754 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). | 8.8 |
| 2021-06-07 | CVE-2021-20517 | Path Traversal vulnerability in IBM Websphere Application Server ND IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. | 8.8 |
| 2021-06-03 | CVE-2021-20380 | Unspecified vulnerability in IBM Qradar Advisor With Watson IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks against the system. | 7.5 |