Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-22 | CVE-2017-1422 | Information Exposure vulnerability in IBM Maas360 DTM 3.81 IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information. | 3.3 |
| 2017-07-21 | CVE-2017-1381 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. | 3.3 |
| 2017-07-05 | CVE-2017-1144 | Untrusted Search Path vulnerability in IBM Integration BUS and Websphere Message Broker IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. | 2.5 |
| 2017-07-05 | CVE-2017-1176 | Information Exposure vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. | 3.3 |
| 2017-07-05 | CVE-2016-0238 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. | 3.7 |
| 2017-06-07 | CVE-2017-1125 | Information Exposure vulnerability in IBM Cognos Business Intelligence Server IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. | 3.3 |
| 2017-05-15 | CVE-2016-5979 | Permissions, Privileges, and Access Controls vulnerability in IBM Distributed Marketing IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. | 2.7 |
| 2017-03-27 | CVE-2016-6102 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. | 3.7 |
| 2017-03-20 | CVE-2016-9697 | Information Exposure vulnerability in IBM Rational Rhapsody Design Manager An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. | 3.1 |
| 2017-03-08 | CVE-2017-1150 | Improper Privilege Management vulnerability in IBM DB2 10.1/10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. | 3.1 |