Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2019-06-25 CVE-2019-4135 Unspecified vulnerability in IBM Security Access Manager
IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users.
network
low complexity
ibm
8.8
2019-06-25 CVE-2018-1858 Cross-Site Request Forgery (CSRF) vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2019-06-19 CVE-2019-4364 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM products
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
low complexity
ibm CWE-1236
8.0
2019-06-18 CVE-2019-4142 Cross-Site Request Forgery (CSRF) vulnerability in IBM Cloud Private
IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2019-06-17 CVE-2019-4103 Unspecified vulnerability in IBM Tivoli Netcool/Impact 7.1.0
IBM Tivoli Netcool/Impact 7.1.0 allows remote command execution by a low-privileged user.
low complexity
ibm
8.0
2019-06-17 CVE-2018-1845 XXE vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
2019-06-07 CVE-2019-4069 Unrestricted Upload of File with Dangerous Type vulnerability in IBM products
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content.
network
low complexity
ibm CWE-434
8.8
2019-06-07 CVE-2019-4068 Improper Restriction of Excessive Authentication Attempts vulnerability in IBM products
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration, allowing an attacker to brute force into the system.
network
low complexity
ibm CWE-307
7.5
2019-06-07 CVE-2019-4067 Weak Password Requirements vulnerability in IBM products
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
7.5
2019-06-07 CVE-2019-4066 Unspecified vulnerability in IBM products
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allow an authenticated user to create arbitrary users which could cause ID management issues and result in code execution.
network
low complexity
ibm
8.8