Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2020-4153 Cross-site Scripting vulnerability in IBM Qradar Network Security
IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-11-02 CVE-2021-29771 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-10-27 CVE-2021-29868 Insufficient Session Expiration vulnerability in IBM I2 Ibase 8.9.13/9.0.0
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration.
local
low complexity
ibm CWE-613
2.1
2021-10-27 CVE-2021-29713 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-10-27 CVE-2021-29673 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-10-19 CVE-2021-29912 Cross-site Scripting vulnerability in IBM Security Risk Manager on Cp4S 1.7.0.0
IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-10-18 CVE-2021-29878 Cross-site Scripting vulnerability in IBM Business Automation Workflow
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-10-15 CVE-2020-4951 Information Exposure vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
local
low complexity
ibm netapp CWE-200
2.1
2021-10-08 CVE-2021-29906 Unspecified vulnerability in IBM APP Connect Enterprise Certified Container
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors.
local
ibm
1.9
2021-10-07 CVE-2021-20571 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5