Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2021-07-01 CVE-2020-4935 Cross-site Scripting vulnerability in IBM Datacap Navigator 9.1.7
IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-06-29 CVE-2021-20490 Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings.
local
low complexity
ibm CWE-276
2.1
2021-06-29 CVE-2021-20477 Cross-site Scripting vulnerability in IBM Planning Analytics 2.0
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-06-28 CVE-2021-29751 Unspecified vulnerability in IBM products
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations.
network
ibm
3.5
2021-06-28 CVE-2021-29693 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon.
local
low complexity
ibm
2.1
2021-06-25 CVE-2021-29677 Cross-site Scripting vulnerability in IBM Security Verify
IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-06-24 CVE-2021-20579 Information Exposure vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE.
network
ibm CWE-200
3.5
2021-06-24 CVE-2020-4885 Link Following vulnerability in IBM DB2 11.5
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,.
local
ibm CWE-59
1.9
2021-06-17 CVE-2021-29706 Unspecified vulnerability in IBM AIX 7.1.0
IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service.
local
low complexity
ibm
3.6
2021-06-16 CVE-2021-20567 Missing Encryption of Sensitive Data vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0
IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239.
local
low complexity
ibm CWE-311
2.1