Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-20 CVE-2018-1796 Unspecified vulnerability in IBM Informix Dynamic Server 12.10
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges.
local
low complexity
ibm
7.8
2019-08-05 CVE-2019-3800 Information Exposure vulnerability in multiple products
CF CLI versions prior to v6.45.0 (bosh release version 1.16.0) write the client id and secret to the config file when the user authenticates with the --client-credentials flag.
7.8
2019-08-05 CVE-2019-4473 Uncontrolled Search Path Element vulnerability in IBM Java 7.0.0.0/7.1.4.50/8.0
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users.
local
low complexity
ibm CWE-427
7.8
2019-08-02 CVE-2018-1987 Improper Authentication vulnerability in IBM Data Protection
In IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file.
local
low complexity
ibm CWE-287
7.8
2019-07-31 CVE-2019-4165 Unspecified vulnerability in IBM Storediq
IBM StoreIQ 7.6.0.0.
network
low complexity
ibm
7.5
2019-07-30 CVE-2019-4456 XXE vulnerability in IBM Daeja Viewone
IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
2019-07-30 CVE-2019-4062 XXE vulnerability in IBM I2 Intelligent Analysis Platform
IBM i2 Intelligent Analysis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
2019-07-25 CVE-2019-4415 Unspecified vulnerability in IBM Cloud Private 3.1.1/3.1.2
IBM Cloud Private 3.1.1 and 3.1.2 could allow a local user to obtain elevated privileges due to improper security context constraints.
local
low complexity
ibm
7.8
2019-07-25 CVE-2019-4212 Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2019-07-22 CVE-2019-4267 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Spectrum Protect
The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow.
local
low complexity
ibm CWE-119
7.8