Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2020-4895 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. | 3.5 |
| 2021-01-04 | CVE-2020-4909 | Cross-site Scripting vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-04 | CVE-2020-4910 | Cross-site Scripting vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-04 | CVE-2020-4913 | Insufficiently Protected Credentials vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local privileged user. | 2.1 |
| 2021-01-04 | CVE-2020-4916 | Cross-site Scripting vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-04 | CVE-2020-4918 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. | 2.1 |
| 2020-12-23 | CVE-2020-4642 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service". | 2.1 |
| 2020-12-17 | CVE-2020-4845 | Cross-site Scripting vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cross-site scripting. | 3.5 |
| 2020-12-16 | CVE-2020-4906 | Insecure Storage of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | 2.1 |
| 2020-11-30 | CVE-2020-4900 | Information Exposure Through Log Files vulnerability in IBM Business Automation Workflow 19.0.0.3 IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. | 2.1 |