Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-25 | CVE-2019-4146 | Unspecified vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances. | 3.1 |
2019-04-02 | CVE-2018-1623 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.1.1 IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2019-02-04 | CVE-2018-1962 | Session Fixation vulnerability in IBM Security Identity Manager IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. | 3.3 |
2019-01-08 | CVE-2018-1993 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 where the use of Local Read Only Cache (LROC) is enabled may caused read operation on a file to return data from a different file. | 3.3 |
2018-12-13 | CVE-2018-1804 | Session Fixation vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
2018-12-12 | CVE-2018-1484 | Session Fixation vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
2018-12-06 | CVE-2018-1505 | Information Exposure vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8 IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2018-12-05 | CVE-2018-1568 | Information Exposure vulnerability in IBM Qradar Incident Forensics IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2018-11-09 | CVE-2016-9749 | Improper Input Validation vulnerability in IBM Campaign IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. | 3.3 |
2018-11-09 | CVE-2018-1842 | Improper Verification of Cryptographic Signature vulnerability in multiple products IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. | 3.6 |