Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2020-4790 | Improper Input Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a user to cause a denial of service due to improperly validating a supplied URL, rendering the application unusuable. | 3.3 |
| 2021-02-09 | CVE-2020-4791 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. | 1.8 |
| 2021-02-09 | CVE-2020-4996 | Unspecified vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. | 2.1 |
| 2021-02-05 | CVE-2020-4832 | Information Exposure vulnerability in IBM Powerha 7.2 IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. | 2.1 |
| 2021-02-04 | CVE-2020-4640 | Information Exposure vulnerability in IBM API Connect Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. | 3.8 |
| 2021-02-04 | CVE-2020-4825 | Cross-site Scripting vulnerability in IBM API Connect IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. | 3.5 |
| 2021-02-04 | CVE-2020-5032 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. low complexity ibm | 3.3 |
| 2021-01-27 | CVE-2020-4524 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-27 | CVE-2020-4547 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2021-01-27 | CVE-2020-4787 | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 2.1 |