Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-27 | CVE-2020-4358 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. | 3.5 |
| 2020-05-19 | CVE-2020-4298 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. | 3.5 |
| 2020-05-17 | CVE-2020-4345 | SQL Injection vulnerability in IBM I 7.2/7.3/7.4 IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. | 1.9 |
| 2020-05-12 | CVE-2020-4195 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM API Connect IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2020-05-06 | CVE-2019-4266 | Improper Privilege Management vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. | 2.1 |
| 2020-05-06 | CVE-2020-4384 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. | 3.5 |
| 2020-04-29 | CVE-2019-4286 | Information Exposure vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. | 2.1 |
| 2020-04-29 | CVE-2019-4288 | Information Exposure vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. | 2.1 |
| 2020-04-23 | CVE-2019-4668 | Insufficiently Protected Credentials vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. | 2.1 |
| 2020-04-23 | CVE-2019-4735 | Information Exposure vulnerability in IBM Maas360 3.96.62 IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. | 2.1 |