Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-10 | CVE-2022-22426 | Unspecified vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. | 3.3 |
| 2022-03-14 | CVE-2022-22348 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. | 2.4 |
| 2022-02-16 | CVE-2019-4352 | Unspecified vulnerability in IBM Maximo Anywhere 7.6.4.0 IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. low complexity ibm | 2.4 |
| 2022-01-26 | CVE-2021-29846 | Insufficient Session Expiration vulnerability in IBM Security Guardium Insights 3.0.0 IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | 2.7 |
| 2022-01-10 | CVE-2021-38894 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0 IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-11-12 | CVE-2021-38973 | Improper Input Validation vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. | 2.7 |
| 2021-10-15 | CVE-2020-4951 | Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. | 3.3 |
| 2021-09-23 | CVE-2021-20377 | Information Exposure Through an Error Message vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-09-23 | CVE-2020-4809 | Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2 IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-09-23 | CVE-2020-4805 | Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2 IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |