Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-21 | CVE-2020-4579 | Unspecified vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. | 7.5 |
| 2020-09-16 | CVE-2020-4409 | Open Redirect vulnerability in IBM products IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. | 8.2 |
| 2020-09-15 | CVE-2020-4703 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. | 8.0 |
| 2020-09-15 | CVE-2020-4521 | Deserialization of Untrusted Data vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. | 8.8 |
| 2020-09-04 | CVE-2020-4545 | Untrusted Search Path vulnerability in IBM Aspera Connect 3.9.8/3.9.9 IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. | 7.8 |
| 2020-09-03 | CVE-2020-4638 | Unspecified vulnerability in IBM API Connect IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. | 7.2 |
| 2020-09-01 | CVE-2012-3336 | SQL Injection vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2 IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. | 8.8 |
| 2020-08-28 | CVE-2020-4559 | Improper Input Validation vulnerability in IBM Spectrum Protect IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. | 7.5 |
| 2020-08-27 | CVE-2020-4603 | Improper Privilege Management vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.2 |
| 2020-08-27 | CVE-2020-4174 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |