Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2019-07-02 CVE-2019-4088 Unspecified vulnerability in IBM Spectrum Protect Operations Center
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by the dsmqsan module loading a specially crafted library.
local
low complexity
ibm
7.8
2019-07-01 CVE-2019-4322 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root.
local
low complexity
ibm CWE-119
7.8
2019-07-01 CVE-2019-4298 Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere
IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute.
local
low complexity
ibm
7.1
2019-07-01 CVE-2019-4154 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root.
local
low complexity
ibm CWE-119
7.8
2019-06-28 CVE-2019-4269 Information Exposure Through an Error Message vulnerability in IBM WebSphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted URL causes a stack trace to be dumped.
network
low complexity
ibm CWE-209
7.5
2019-06-27 CVE-2019-4252 Path Traversal vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
2019-06-26 CVE-2019-4241 Unspecified vulnerability in IBM PureApplication System
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access.
local
low complexity
ibm
7.8
2019-06-26 CVE-2019-4235 Weak Password Requirements vulnerability in IBM PureApplication System
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require users to have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
7.5
2019-06-26 CVE-2019-4224 SQL Injection vulnerability in IBM PureApplication System
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2019-06-25 CVE-2019-4145 Unspecified vulnerability in IBM Security Access Manager
IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly sensitive information in specialized conditions to a local user, which could be used in further attacks against the system.
local
low complexity
ibm
7.1