Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-09 | CVE-2016-9749 | Improper Input Validation vulnerability in IBM Campaign IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. | 2.1 |
| 2018-11-09 | CVE-2018-1799 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. | 3.6 |
| 2018-11-09 | CVE-2018-1842 | Improper Verification of Cryptographic Signature vulnerability in multiple products IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. | 3.3 |
| 2018-11-02 | CVE-2017-1609 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. | 3.5 |
| 2018-11-02 | CVE-2018-1788 | Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. | 2.1 |
| 2018-11-02 | CVE-2018-1876 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. | 2.1 |
| 2018-11-02 | CVE-2018-1877 | Cleartext Storage of Sensitive Information vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. | 2.1 |
| 2018-10-29 | CVE-2018-1766 | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. | 3.5 |
| 2018-10-24 | CVE-2018-1541 | Cross-site Scripting vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. | 3.5 |
| 2018-10-18 | CVE-2018-1518 | Inadequate Encryption Strength vulnerability in IBM products IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. | 2.1 |