Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2018-06-22 CVE-2018-1655 Information Exposure vulnerability in IBM AIX
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory.
local
low complexity
ibm CWE-200
2.1
2.1
2018-06-15 CVE-2018-1419 Unspecified vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for authentication, could allow a user to cause a deadlock in the IBM MQ PAM code which could result in a denial of service.
network
ibm
3.5
3.5
2018-05-31 CVE-2018-1496 Cross-site Scripting vulnerability in IBM Content Navigator
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-05-25 CVE-2018-1449 Unspecified vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner.
local
low complexity
ibm linux microsoft
3.6
3.6
2018-05-25 CVE-2018-1450 Unspecified vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner.
local
low complexity
ibm linux microsoft
3.6
3.6
2018-05-25 CVE-2018-1451 Unspecified vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner.
local
low complexity
ibm linux microsoft
3.6
3.6
2018-05-25 CVE-2018-1452 Unspecified vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner.
local
low complexity
ibm linux microsoft
3.6
3.6
2018-05-17 CVE-2018-1461 Cross-site Scripting vulnerability in IBM products
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-05-17 CVE-2018-1465 Information Exposure vulnerability in IBM products
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible.
network
ibm CWE-200
3.5
3.5
2018-05-17 CVE-2018-1466 Inadequate Encryption Strength vulnerability in IBM products
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
ibm CWE-326
3.5
3.5