Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2020-4976 Incorrect Default Permissions vulnerability in multiple products
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions.
local
low complexity
ibm netapp CWE-276
3.6
3.6
2021-03-11 CVE-2021-20336 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus Webgui 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-10 CVE-2020-4717 Link Following vulnerability in IBM Spss Modeler
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create symbolic link permission to write arbitrary file in another protected path during product installation.
local
low complexity
ibm CWE-59
2.1
2.1
2021-03-10 CVE-2020-5016 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.
network
ibm CWE-22
3.5
3.5
2021-03-04 CVE-2020-4856 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-04 CVE-2020-4857 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-04 CVE-2020-4863 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-04 CVE-2020-4866 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-04 CVE-2020-4975 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-03-04 CVE-2021-20340 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5