Vulnerabilities > IBM > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-26 | CVE-2021-29672 | Out-of-bounds Write vulnerability in IBM products. IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. | 7.8 |
2021-04-21 | CVE-2021-20501 | Unspecified vulnerability in IBM i. IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. | 8.2 |
2021-04-21 | CVE-2021-20454 | XXE vulnerability in IBM WebSphere Application Server. IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
2021-04-20 | CVE-2021-20453 | XXE vulnerability in IBM WebSphere Application Server. IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
2021-04-19 | CVE-2021-20527 | Command Injection vulnerability in IBM Resilient. IBM Resilient SOAR V38.0 could allow a privileged user to create malicious scripts that could be executed as another user. | 7.2 |
2021-04-12 | CVE-2020-4965 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products. IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-03-30 | CVE-2021-20502 | XXE vulnerability in IBM products. IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2021-03-30 | CVE-2021-20482 | XXE vulnerability in IBM Cloud Pak for Automation 20.0.2/20.0.3. IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2021-03-24 | CVE-2020-5015 | Unspecified vulnerability in IBM Elastic Storage Server and Elastic Storage System. IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. | 7.5 |
2021-03-15 | CVE-2020-4184 | Improper Privilege Management vulnerability in IBM Security Guardium 11.2. IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.3 |