Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-07 | CVE-2018-1413 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 3.5 |
| 2018-05-01 | CVE-2013-4040 | Permission Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. | 2.1 |
| 2018-05-01 | CVE-2018-1502 | Cross-site Scripting vulnerability in IBM Content Manager 8.4.3/8.5 IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. | 3.5 |
| 2018-04-30 | CVE-2018-1430 | Cross-site Scripting vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.2 is vulnerable to cross-site scripting. | 3.5 |
| 2018-04-27 | CVE-2013-5391 | Cryptographic Issues vulnerability in IBM Mobile Foundation and Worklight IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. | 3.5 |
| 2018-04-27 | CVE-2014-0841 | Inadequate Encryption Strength vulnerability in IBM Rational Focal Point IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. | 2.1 |
| 2018-04-26 | CVE-2017-1724 | Cross-site Scripting vulnerability in IBM products IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 3.5 |
| 2018-04-25 | CVE-2014-0872 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager 2.5.0 The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. | 1.5 |
| 2018-04-25 | CVE-2017-1750 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. | 3.5 |
| 2018-04-25 | CVE-2018-1363 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. | 3.5 |