Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-12 | CVE-2021-38973 | Improper Input Validation vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. | 2.7 |
| 2021-10-15 | CVE-2020-4951 | Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. | 3.3 |
| 2021-09-23 | CVE-2021-20377 | Information Exposure Through an Error Message vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-09-23 | CVE-2020-4809 | Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2 IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-09-23 | CVE-2020-4805 | Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2 IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-09-23 | CVE-2020-4803 | Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2 IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-07-20 | CVE-2021-20478 | Unspecified vulnerability in IBM Cloud PAK System 2.3 IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. | 3.3 |
| 2021-07-15 | CVE-2021-20534 | Open Redirect vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 3.5 |
| 2021-07-15 | CVE-2021-20523 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-07-15 | CVE-2021-20499 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |