Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2019-02-04 CVE-2018-1962 Session Fixation vulnerability in IBM Security Identity Manager
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed.
local
low complexity
ibm CWE-384
2.1
2.1
2019-01-15 CVE-2018-1772 Cross-site Scripting vulnerability in IBM Spss Analytic Server 3.1.1.1
IBM SPSS Analytic Server 3.1.1.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2019-01-08 CVE-2018-1918 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2019-01-08 CVE-2018-1993 Information Exposure vulnerability in IBM Spectrum Scale
IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 where the use of Local Read Only Cache (LROC) is enabled may caused read operation on a file to return data from a different file.
local
low complexity
ibm CWE-200
2.1
2.1
2019-01-04 CVE-2018-1657 Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2019-01-04 CVE-2018-1951 Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-12-20 CVE-2018-1677 Improper Handling of Exceptional Conditions vulnerability in IBM Datapower Gateway
IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system.
local
low complexity
ibm CWE-755
2.1
2.1
2018-12-18 CVE-2018-1833 Unspecified vulnerability in IBM Event Streams 2018.3.0
IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header.
network
ibm
3.5
3.5
2018-12-17 CVE-2018-1889 Cross-site Scripting vulnerability in IBM Security Guardium
IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-12-17 CVE-2018-1891 Cross-site Scripting vulnerability in IBM Security Guardium
IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5