Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2020-07-16 CVE-2019-4748 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. 		3.5
3.5
2020-07-14 CVE-2020-4364 Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-07-01 CVE-2019-4676 Cleartext Storage of Sensitive Information vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2
IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. 		2.1
2.1
2020-07-01 CVE-2020-4386 Race Condition vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link.
local
ibm CWE-362
1.9
1.9
2020-07-01 CVE-2020-4387 Race Condition vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link.
local
ibm CWE-362
1.9
1.9
2020-07-01 CVE-2020-4414 Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory.
local
low complexity
ibm CWE-732
3.6
3.6
2020-06-29 CVE-2020-4557 Cross-site Scripting vulnerability in IBM products
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-06-26 CVE-2020-4223 Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-06-19 CVE-2020-4281 Cross-site Scripting vulnerability in IBM Doors Next and Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-06-19 CVE-2020-4295 Cross-site Scripting vulnerability in IBM Doors Next and Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5